by Tony Mercer, Director of Operations
We’ve recently been notified of Man-In-The-Middle attacks that have resulted in attackers jackpotting ATMs. The most recent attacks are connected to unsecure Remote Monitoring Systems (RMS). Still under investigation, these attacks occurred in Pennsylvania and it is believed the attackers are still active, and additional attacks are possible.
How to Protect Your ATMs from These Attacks
If you operate your own RMS program, we recommend you perform the following changes immediately:
Change All RMS & Remote Passwords and double check that passwords are not set to default values.
Do Not Allow Remote Access to Your RMS Server. If limiting access is not possible, use dual-authentication and make sure each user has their own login.
Never Share Passwords between accounts including RMS servers, RMS services, and remote access clients.
Enable TLS & Verification Features on your ATMs - for both RMS and Host authentication.
Remove Any Unnecessary Accounts. Review all user accounts that have access to RMS servers and remote access clients.
Configure Passwords to Not be Easily Guessable. We recommend passwords that are 15 characters or greater.
If you're running your own RMS system and have questions, contact the ATM USA Technical Support team to discuss how you can mitigate your risks.
ATM USA Technical Support
1-877-260-2931
Comments