Beware of malware, as your ATMs may be vulnerable.

What you need to know about ATM malware

Posted on

Malware is a pernicious threat to which everyone is vulnerable – businesses and consumers alike. Every year, millions of dollars of revenue are lost due to digital bad actors: In fact, according to the Identity Theft Resource Center, malware was partially responsible for the exposure of over 446 million identity data records in 2018.

But it isn't just PCs or mobile devices that are susceptible. So are ATMs. By understanding the threat and taking the steps to properly protect your ATM fleet – such as updating to Windows 10 – you can prevent malware from infecting your automated systems and impacting operations.

"An increasing number of ATM attacks are implemented remotely."

What is ATM malware?
ATM malware, as its title suggests, is malicious software that cyberattackers use on automated teller machines. Though simple in its definition, it's somewhat complex in terms of how it actually gets installed because an increasing number of attacks are implemented remotely.

The key to ATM malware's insidious power is the fact that, like more conventional viruses, it's widely available and requires only a modicum of technical knowhow to execute a successful attack – not to mention, malware is relatively cheap. As Kaspersky Labs warns, ATM malware is trafficked openly on the Darknet, with hackers and bad actors able to purchase execution manuals for around $5,000 USD. 

Regardless of how they're plotted, the end goal is the same: the theft of financial information, either from customers' checking accounts or the machines themselves via "jackpotting," which the FBI warned financial institutions about last summer, American Banker reported.

Even though there's more awareness of cyberthreats to the banking industry, hackers and attackers have been able to prey on ATMs' vulnerabilities. For instance, according to a study conducted by Positive Technologies, 85 percent of ATMs examined were considered "poorly secured" from the potential of network attacks.

Leigh-Anne Galloway, head of cybersecurity at Positive Technologies, noted attacks like spoofing and the utilization of malicious black box devices can recreate standard ATM processes when hackers are in reality mimicking them.

"Our research shows that most ATMs have no restrictions to stop connection of unknown hardware devices," Galloway warned. "So an attacker can connect a keyboard or other devices to imitate user input."

Malware makes this possible by disabling whatever security systems are in place within the ATM, assuming they're not encrypted (which is often the case).

Scammers have altered their tactics
If there's anything that cybercriminals specialize in, it's adaptability. If one method doesn't work because consumers or businesses have caught on to the ruse, they immediately try an alternative. That's what's happening with ATM malware, since EMV implementation and greater awareness has reduced the occurrence of skimming.

Fortunately, there's a fairly simple solution to malware mayhem: upgrading to Windows 10. As you're no doubt aware, this is the last year for Windows 7 support, so security patches will no longer be available. By updating to Windows 10 as soon as possible, you'll greatly reduce the risk of ATM malware because the OS has the updates in place designed to identify tell-tale signs of malware, such as trojans, botnets and self-replicating viruses. This is made possible through Microsoft's proprietary program Device Guard™.

Here at BranchServ, we specialize in electronic and physical security and can provide you with the ATMs that are Windows 10 ready and include enhanced safeguards. Please contact us to arrange a free demo.