End-to-end automated teller machine (ATM) network protection encompasses multiple security layers. It is not enough to simply protect ATM endpoints to ensure the security of a bank’s finances. Instead, security teams at financial institutions must take a more advanced approach to ATM network protection.
ATM security has always been a hot-button issue for banking institutions because these machines are inexhaustible sources of fortune for cybercriminals. Nowadays, the problem of ATM security is even more acute. Fraudsters have become more sophisticated in their methods, and security analysts often have to protect entire ATM networks rather than individual endpoints.
Three Types of ATM Threats
There are three types of ATM security threats, each with a different target:
- Physical threats to ATM hardware, the earliest and most straightforward ATM threat;
- Skimming, a fraudulent technology designed to steal customers’ ATM cards to access finances; and
- Threats to ATM network software, which target the entire ATM network to get money through unauthorized administration of the network.
Let’s take a closer look at threats to ATM network software. Such attacks can be classified as advanced persistent threats (APTs) because the perpetrators employ sustained intrusion techniques that require sophisticated engineering.
First, the attackers breach the bank’s network to gain access to the ATM controlling server, which leads them to individual endpoints. There, they deploy malware with modified code. The code allows them to control internal ATM commands, such as triggering a cassette receiver or a cash dispenser. In fact, this is how cybercriminals create botnets: The ATM controlling server becomes a command-and-control (C&C) server that instructs multiple infected endpoints to dispense cash when one threat actor sends a signal from a particular ATM.
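One way a defender could look for the pattern described above, as an added example that is not part of the original article: it flags dispense events that have no matching host authorization and reports when several ATMs show them within a short window. The event schema, field names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (assumed schema): timestamp, ATM id, event type, transaction id
EVENTS = """\
2024-01-01T02:00:01 ATM-01 AUTH tx1001
2024-01-01T02:00:05 ATM-01 DISPENSE tx1001
2024-01-01T02:10:00 ATM-02 DISPENSE -
2024-01-01T02:10:20 ATM-03 DISPENSE -
2024-01-01T02:10:45 ATM-04 DISPENSE tx9999
2024-01-01T02:11:00 ATM-02 DISPENSE -
2024-01-01T05:00:00 ATM-05 DISPENSE -
"""

def parse(text):
    """Yield (time, atm, kind, tx) tuples in chronological order."""
    rows = (line.split() for line in text.splitlines() if line.strip())
    return sorted((datetime.fromisoformat(ts), atm, kind, tx) for ts, atm, kind, tx in rows)

def unauthorized_dispenses(events):
    """Return (time, atm) for each dispense with no prior authorization on that ATM."""
    authorized = set()
    flagged = []
    for ts, atm, kind, tx in events:
        if kind == "AUTH":
            authorized.add((atm, tx))
        elif kind == "DISPENSE":
            if (atm, tx) in authorized:
                authorized.discard((atm, tx))  # one authorization covers one dispense
            else:
                flagged.append((ts, atm))
    return flagged

def coordinated_cashout(flagged, window=timedelta(minutes=5), min_atms=3):
    """Return the sorted ATM ids of the largest group of distinct ATMs with
    unauthorized dispenses inside one window, or [] if below min_atms."""
    flagged = sorted(flagged)
    best = set()
    for i, (start, _) in enumerate(flagged):
        atms = {atm for ts, atm in flagged[i:] if ts - start <= window}
        if len(atms) >= min_atms and len(atms) > len(best):
            best = atms
    return sorted(best)

if __name__ == "__main__":
    hits = unauthorized_dispenses(parse(EVENTS))
    print("unauthorized dispenses:", len(hits))
    print("ATMs in coordinated window:", coordinated_cashout(hits))
```

A single unauthorized dispense points at one compromised endpoint; the same signal on several ATMs at once points at the controlling server, which is where the response should start.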
A Basic ATM Network Protection Strategy
An ATM network is no different from any other network: It consists of ATM…