ATM Jackpotting hits US Shores
There is a new peril in town and its nothing like hitting a jackpot! Sophisticated threats and targeted ATM attacks subsist to test the security hardihood of financial services institutions- the recent one being ‘Jackpotting’ attacks on ATMs in the United States.
Involving thieves masked in technician uniforms complete with a fake identification badge, the ATM hack comprises of installing a malicious software and/or hardware through the exterior casing of the ATM. Forcing machines to spit out huge volumes of cash, it turns out that a crowbar or endoscope plays the ideal sidekick with locating the ATM’s diagnostic port, used to plug in the malware code. With over $1 million stolen in attacks so far, the malware particularly strikes certain models of ATMs manufacturers – which raises the question of whether it could be detected and fixed. Indeed, the Barnaby Jacks of the world could best demonstrate an example parallel to the showcase at ‘Black Hat Conference’ in 2010, but it could start with ATM operators updating to a version of Windows 7 from the outdated Windows XP to defeat this.
With ATM manufacturers sending out security alerts to customers and banks in the United States, followed by a U.S. Secret Service alert – why couldn’t the ‘Cutlet Maker’ be prevented? Clearly the iconic scene in ‘Terminator 2’ with adolescent John Connor using his Atari and pushing a few buttons to attack an ATM didn’t leave us conversant with jackpotting an ATM. With “Ploutus”, “Greendispenser”, “Prilex” jackpotting reported first in Mexico in early 2013 using an external keyboard or SMS message, the recent market earmarked has been in Europe – by reason of a strong “B2B” cooperation between Eastern European and Latin American cybercriminals. EAST (European Association for Secure Transactions) reported a total of 492 explosive ATM attacks in Europe and ‘Black Box’ attacks in a dozen countries across 2016; a rise of 80 percent compared to the same period in 2015. Encompassing $50,000 bonanza in a filled ATM, the attack spiked around stand-alone ATMs routinely located in pharmacies, big-box retailers, and drive-thru ATMs- a foolproof plan to prey on vulnerability! The most alarming aspect of the attacks is the dexterity and the possibility of future cyber-security threats…not to forget a tainted portrayal of the banks.
Consequently, with ATM incursions moving from physical bombing attacks to logical ATM hack code attacks, the improbable technology we see on big screen might be closer to reality than ever. Solutions which can remediate and mitigate the issue instantly would act as an impenetrable ‘line of control’. With Sentient, we bring you multiple lines of defense and protection against jackpotting, even before it reaches your shore. An instant tampering alarm alert the moment someone touches the ATM top hat to access the processor within, a halt cashflow trigger for an ATM shut down, prompt detection for ATM re-booting and a final line of defense which checks if the antivirus was tampered with are just the first few steps we imbibe to cease siphoning. Intriguing enough? Check our page for more details on how Sentient can help mitigate ATM jackpotting!