ATM security
ATM security
According to a joint survey conducted by Motherboard and the German broadcaster Bayerischer Rundfunk (BR), detailed information on large-scale cybercrime activities using so-called jackpotting attacks was discovered.
Jackpotting is a hacking technique in which cybercriminals use malware or hardware to trick the ATM into cash. Initiating a jackpotting attack does not require a credit card to be stolen. An attacker behind these attacks can usually access the USB port by opening a panel on the machine to install the malware onto the ATM.
According to Motherboard and BR's survey, although the jackpotting attacks in Europe have decreased in the first half of this year, there are several sources that the number of attacks in other parts of the world has increased.
Recently, the United States, Latin America and Southeast Asia have suffered jackpotting attacks, and banks and ATM manufacturers have been affected.
As early as the 2010 Black Hat Cyber Security Conference, the late researcher Barnaby Jack showed off his ATM malware on the stage. Once the malware is successfully deployed to the ATM, the device will display the words “JACKPOT” on the screen when it spits out the banknotes.
In 2017, a jackpotting attack took place in Germany. Prosecutor Christoph Hebbecker revealed to the joint investigation that there were 10 incidents between February and November, and the attackers stole 1.4 million euros.
The jackpotting attack has now come back. One of the main problems with ATM security is that many ATMs are inherently aging Windows computers that are very old and slow to run. Over the years, ATM manufacturers have made security improvements to their equipment, but this does not necessarily mean that all ATMs across the industry meet the same standards.
David N Tente, executive director of the American, Canadian and American ATM industry associations, explained to Vice how banks can better protect their ATMs from jackpotting attacks.