By Kathleen Glass
FFIEC recently issued a statement cautioning financial institutions about ATM fraud threats.
The threat that can drain large sums of cash from ATMs in seconds is called “Unlimited Operations” – a type of ATM Cash Out Fraud. It is engendered by gaining access to ATM control panels. The process takes multiple steps, the first being the insertion of malware into the bank network that steals employee login credentials, then the theft of PINS through Point-of-Sale (POS) malware or skimming. Once the credentials and PINS are obtained, the criminals gain control of ATM control panels and organize attacks on multiple ATMs.
This type of attack relies on vulnerabilities in multiple banking systems. If banks are utilizing traditional AV applications and old ways of thinking about security, then that won’t be enough protection. In the recently published 2014 NTT Group Global Threat Intelligence study http://bit.ly/1hU8B0T by the NTT Innovation Institute, it was found that traditional anti-virus applications “fail to detect 54 percent of new malware”. They also conclude that, ‘Good enough’ basic security needs to be replaced with ‘well executed’ – and that includes managing the perimeter.
This is why Wontok has developed a suite of solutions for banks and other financial institutions that work to protect a number of vulnerable points: individual employees accessing the network (either inside or outside the firewall), ATMs and POS terminals. All of these endpoints are susceptible to planned malware attacks. In particular, ATMs have been the forgotten child of the banking community, remote and difficult to update, left alone on their Windows XP platforms. As the end of support nears tomorrow, ATMs need to be included in the updated approach to preventative security.