A new form of ATM theft dubbed ‘Jackpotting’ is on the rise, where criminals gain access to an ATM’s system and manipulate it into ejecting cash as fast as 40 notes every 23 seconds.
A wave of ATM security attacks was first spotted in Europe in 2017 which involved installing malware on an ATM via access to an open USB port, CD/DVD slot, or networking sockets. However, a report by the European Association for Secure Transactions (EAST) disclosed how attacks against ATMs across Europe using older ATM jackpotting and malware techniques have decreased exponentially, with banks reporting a 43% drop (from 61 to 35) over a two year period.
Despite the downward trend in ATM attacks, thieves have managed to find a way to combat the software enhancements made over time. They use a device that runs an adapted version of Diebold Nixdorf’s (Major ATM manufacturer) proprietary software stack. With it, they connect the device to the ATM internals and issue detrimental commands. The devices are attached either by gaining access to a key that unlocks the ATM chassis or by drilling holes/ breaking the physical locks to gain access to the machine internals.
In a recent security alert statement, Diebold Nixdorf broke down how fraudsters carried out the new form of attacks to keep banks and security companies aware:
“In the recent incidents, attackers are focusing on outdoor systems and are destroying parts of the fascia to gain physical access to the head compartment. Next, the USB cable between the CMD-V4 dispenser and the special electronics, or the cable between special electronics and the ATM PC, was unplugged. This cable is connected to the black box of the attacker to send illegitimate dispense commands”.
Research from security reporter Catalin Cimpanu of Zero Day suggests that even constant software security improvements have not been able to stop ATM attacks – criminals are still making use of weak physical ATM protection. A Q4 2019 report from EAST confirmed ATM related physical attacks were up 16% (from 2,046 to 2,376 incidents), attacks due to ram raids and ATM burglary were up 3% (from 590 to 610 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were up 3% (from 490 to 503 incidents). To counter this, Diebold Nixdorf stated that Banks and other ATM providers should implement robust countermeasures such as physical ATM protection, two-factor authentication for ATM access controls and secure cash safety mechanisms.
“Ultimately ATM protections need to be physical, since hackers are already relying on physical access to carry out their attacks” argues Daniel Regalado, principle security researcher for Zingbox. “You can have the latest and greatest software solution, but with physical access they figure out ways to remove the protections”. He adds “this is not a software problem, it’s a hardware problem.”
Safetell, a market leading Physical Security product and service provider, have developed an ATM Pod which is a specialised security solution accredited by Secured by Design and constructed of CityWall, to help mitigate the risk of theft and attack against ATMs. The modular security walling system can add a layer of security to exterior ATMs, preventing cash machine theft.
The threat of ATM attacks will always be something to look out for, which serves as a vital reminder about the ongoing need to invest in strong ATM security. Safetell will be able to assist you in both the age of new technology and against the unwavering appearance of physical threats.