Last week, Brian Krebs broke news that the first “jackpotting” attack had been confirmed in the United States. In July 2016, hackers in Taiwan managed to steal more than $2 million using the malware to manipulate ATMs into spitting out money. The scheme quickly spread across parts of Asia, Europe and Central America. In November 2016, the FBI issued a warning regarding the targeting of the United States financial sector using the malware “jackpotting” theft.
The news, then, should be of little surprise and work by regulators should be well implemented with regard to updated software, patches and known vulnerabilities. In an August 31, 2016 article in BankInfoSecurity, the details of “ripper” malware were documented in the theft from 21 ATMs in Thailand. That article went on to detail the relationship between the earlier incident in Taiwan and the similarity in malware involving the Thailand attack. Europol launched an investigation and made arrests of some culprits, but given the complexity of the crime, there’s little doubt others escaped capture.
The good news is that there are still steps that can be taken to provide some protection against similar attacks. Diebold provided a bulletin regarding protections, updated on January 25, 2018. This advisory recommends limiting physical access to an ATM, implemented protection mechanisms for cash modules including updated firmware, and additional security measures that include monitoring, encryption of hard-disks, investigation of suspicious activities and ensuring the operating system, software stack and configurations are all up-to-date. The good news is that experts advise the stand-alone ATMs are most vulnerable, meaning non-branch or front-load ATMs are more exposed than those traditionally used and installed by financial institutions. The exposure nevertheless is real.
The bad news is that this theft or scheme won’t be the last, and represents a large exposure in a larger world of potential exploits. From breaches to skimmers, hackers will always look for a way to game the system. As technology drives progress towards less friction and better customer experiences, that will expose unintended weaknesses that fraudsters will try to manipulate. As this scheme illustrates, intentional controls and procedures are needed to ensure proper software update, that access is controlled, and that systems have a clearly defined lifecycle within organizational strategic plans.
Make Sure Your Financial Institution Clients Have The Right Coverage For Their Foreclosed Properties
Contact any one of the FI insurance experts below for help in making sure your FI customers have the right coverage from a strong, stable company!