A recent warning issued to banks by the FBI reads like the script for a Hollywood movie: cybercriminals are plotting a sophisticated, global “ATM cash-out” using cloned credit cards to fraudulently withdraw millions of dollars in just a few hours. A few days later, reports of a $13.5 million heist of 25 ATMs across Canada, Hong Kong and India confirmed the reality that ATMs are a prime target for hackers.
A New Era of Security Threats
Rapid technology advances, the emerging dark web and neglect have created vulnerable ATM networks worldwide and threats to ATM security expand far beyond the cash inside them. To hackers, ATMs are a “welcome mat” to corporate networks where valuable customer information is stored, and few banks realize the varying scope of threats they face. Some of the specific threats posed to ATM networks today include “Man in the Middle” attacks, software distribution spoofing, remote desktop access attacks, and both network and device malware attacks.
While hackers are continuously evolving their technologies and tactics, ATM and banking technologies have been alarmingly slow to upgrade and adapt to new security threats – and customers are taking note and losing trust in their banks. According to the Unisys Security Index™, security concerns regarding identity theft rank as the top concern of consumers globally, with 65 percent of those surveyed saying they are seriously concerned.
The fact is, the promise of digital and multiple endpoints creates vulnerabilities that can shake the foundation of consumer trust for banks of all sizes, from global institutions to local credit unions. The FBI warning was not the first of its kind and did not come as a surprise. More importantly, the financial services industry can expect these types of attacks to continue.
Finding Solutions through Microsegmentation
Given the potential scope of these new threats to ATMs, banks must take steps to defend against internal and external attacks. Some emerging technologies to help combat these threats include encryption to protect data between endpoints and microsegmentation – partitioning networks to shrink the potential attack surface and prevent attacks from spreading across a network. By dividing an ATM network into multiple, highly-secure logical segments, microsegmentation can make it undetectable to unauthorized users, dramatically reducing cybersecurity risk and enabling compliance.
Encrypted microsegmentation solutions use advanced cryptography to render endpoints undetectable and encrypt all data in motion. They can also protect data and enable critical assets such as servers, workstations, ATMs and Internet of Things (IoT) devices, to safely communicate through secure, encrypted channels. This helps to dramatically lower the risk of exposure in the event of an attack. By enforcing security policies by role or identity instead of physical location or complex firewall rules, security moves with the user and is easier to manage.
These new solutions are typically software-based, meaning that they are easy to adopt and integrate into existing networks, limiting changes to applications or interruptions to ATM operations. Most importantly, however, these types of emerging security tools can help address ATM network security vulnerabilities and advance the protection of customer data, as well as strengthen and protect a bank’s brand reputation.
About the Author
Eric Crabtree is a Vice President and Head of Unisys Financial Services for Blue Bell-based Unisys Corporation. He can be reached at eric.crabtree@unisys.com.
