Thursday, June 20, 2024
View ShowroomNo, this is not a fashion recommendation, but rather a serious caution with regard to ATM security. Top of mind for all ATM deployers should be the fact that good physical security is an absolute necessity to deterring jackpotting and malware attacks.
Reports of jackpotting attacks have increased significantly this year in the U.S. Which means that more crooks are successfully gaining access to ATM internals – including swapping out the ATM hard drive and hijacking communications. And if your cabinet locks, including the “top hat”, can be opened with generic keys available on the dark web, you are making it all the easier for them.
Ensure that firewalls and anti-malware protection are correctly configured, including whitelisting solutions that cannot be disabled without generating a remotely monitored alert and audit trail. Deploy full hard disk encryption (FHDE) and encryption and strong authentication solutions to protect internal communications between the genuine ATM PC core and ATM modules, including the dispenser. Disable access to the Windows desktop at the ATM and maintain a robust password management policy.
These are all relatively simple, common sense, and inexpensive countermeasures that can help protect your ATM and the cash inside of it. ASA subscribers can consult the ATM Malware, Black Box & Cyber Security Best Practices for additional countermeasures and strategies. Non-subscribers can join the fight against ATM crime today by becoming part of the ATM Security Association.