Protecting ATM Connections

Amid security threats, end users must consider IoT and M2M

  • By Julian Weinberger
  • Aug 01, 2017

The first Automated Teller Machine (ATM) machine was installed in 1967, dating back well before the millennium to a time when network security was unsophisticated. The rollout of ATMs was a global phenomenon, meeting bankers’ needs with instant cash distribution after business hours.

With the rising popularity of the Internet accessible machines, the need to protect connections between the disparate ATMs and the banks’ processing centers became critical.

Though the first ATM was unveiled 50 years ago, the basic components that make up an ATM have not changed significantly. Many banks still have 20th century ATMs in everyday use, which unfortunately, increases the risks of cyberattacks. The use of outdated, insecure software is widespread, and mistakes in network configuration are common while critical physical components are often not properly guarded.

At the same time, more and more ATMs are being connected to the Internet of Things. Search engines for Internet-connected devices, such as Shodan, only exacerbate security risks, allowing anyone to find the ATMs that are the most vulnerable. Without properly secured connections, stealing money remotely from ATMs is the cybercrime equivalent of taking candy from a baby.

Remote ATM Attacks

In 2016, banks in the United Kingdom, Russia, Netherlands and Malaysia were attacked by malware that allowed cybercriminals to take full control of cash machines.

The technique, known as touchless jackpotting, requires no physical tampering. Instead, it allows cybercriminals to attack poorly protected ATMs remotely, from anywhere in the world, via the global ATM network completely undetected by security services.

The number of touchless attacks on ATMs is on the rise. According to the European ATM Crime Report, 28 incidents were reported in the first half of 2016 (up from five during the same period in 2015).

Network Protection

Older ATMs that have recently been connected to machine-tomachine (M2M) environments are particularly at risk and some of the most vulnerable ATMs still do not have any network protection at all.

Despite some of the strictest regulatory obligations and their attractiveness to cybercriminals, it appears that retail banking is no different than any other sector in quickly moving forward with IoT while comprehensive security measures lag. The first step in protecting connections between large numbers of disparate ATMs and bank processing centers is to utilize Virtual Private Networks (VPNs), firewalls and MAC-authentication.

Protecting ATM Connections with VPNs

Although most bank ATM networks use advanced encryption to protect the sensitivity of the financial data being exchanged, the rise of remote ATM attacks show that many banks still have protective measures to take.

Securing ATMs with VPNs is comprised of four essential components.

Automatic/always-on connectivity. The VPN client is set to connect to the VPN automatically and remain connected. In the event of a disconnect occurring, due to network downtime for example, the VPN client look to reestablish the session as soon as the data connection comes back up.

Authentication. As everyone knows, ATM transactions are authenticated using two or three human factors namely the customer’s ATM card, their unique PIN and, in some cases, their fingerprint or retina scan. In modern ATMs the customer’s smartcard, in combination with a smartcard reader inside the machine, provides another layer of security to assist the digital side of the authentication process.

Management. Ultimately, ATM VPN connections should be centrally managed. A VPN management tool allows IT administrators to update configurations, upgrade software and manage certificates remotely. The only alternative is to perform the updates manually using a memory stick or CD, which requires giving someone physical access to every machine. Unfortunately, this can give those with criminal intent an opportunity to gain access to the machine, inject malicious software or attach a device inside the machine and take control over it.

High availability. Connections between ATMs located in the branch offices of banks or in retail stores and the main network must never break down. This means high network availability provided by a professional VPN system supported by several backup systems.

IoT and M2M Security

In summary, global ATM networks are fast becoming machineto- machine environments. As the Internet of Things starts to permeate every aspect of business, the need to protect the communications of machines both new and old is becoming more urgent. The age of some traditional ATMs and the primitive nature of the software they run on leaves additional security loopholes for cybercriminals to exploit.

Globally, cybercriminals have successfully carried out multiple remote hacks on ATMs, prompting the FBI to warn American banks to be on the lookout for similar attacks. Heists like these prove that poor remote connectivity can ultimately result in the loss of billions of dollars as well as identity theft and fraud.

The deployment of VPNs, coupled with prompt patching of every server on the network, is essential to secure interactions between thousands of ATMs communicating with their data centers. Comprehensive VPN software solutions fit easily into existing infrastructure and require no additional hardware. Moreover, data traffic is secured at the device itself so that no unencrypted traffic ever leaves the endpoint.

Financial institutions can stay protected by ensuring every device accessing their network has up-to-date firmware and by implementing network security technologies, such as intrusion prevention systems (IPS), and firewalls, within an in-depth defense framework to minimize potential attack vectors.

As analysts predict the number of M2M connected devices will grow from 12 billion to 50 billion by 2020, properly securing connections is urgent. By leveraging a VPN, endpoint devices can communicate through a secure encrypted tunnel, which makes it nearly impossible for an attacker to access an IoT device and breach a financial network.

This article originally appeared in the August 2017 issue of Security Today.

Featured

  • 5 Tips to Improve Your Password Security

    Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now

  • Enhancing Port Security

    DP World Yarimca, one of the largest container terminals of the Gulf of İzmit and Turkey, is a strong proponent of using industry-leading technology to deliver unrivaled value to its customers and partners. As the port is growing, DP World Yarimca needs to continue to provide uninterrupted operations and a high level of security.To address these challenges, DP World Yarimca has embraced innovative technological products, including FLIR's comprehensive portfolio of security monitoring solutions. Read Now

  • Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

    In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now

  • Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

    Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.