Originally published by Replay Magazine August 20, 2024
The National ATM Council recently reported on several recent cyber-attacks targeting ATM operators.
ATM manufacturers Genmega and Hyosung have been working directly with the FBI and Secret Service to combat the attacks, in which criminals are “modifying terminal settings to replace the legitimate ATM host processor with a fraudulent server to falsely authorize high-dollar withdrawal transactions.” Known as a man-in-the-middle or jackpotting, these attacks are not restricted to any particular manufacturer or ATM model.
Wes Dunn, Genmega Chief Revenue Officer, and Hyosung Chief Operating Officer Nancy Daniels strongly recommend the following actions to protect both retail and financial institution ATMs:
Ensure remote monitoring software (RMS) is protected with proper IT and network security, such as running behind a tightly configured firewall.
Change all default or easily guessed passwords used to gain access to ATM configuration settings. Never write down the password on or in the ATM (even inside the cabinet).
Change all passwords on RMS software, both on workstations and databases.
Enable Transport Layer Security (TLS) communications between the ATM and the host processor. Recent software releases enable TLS by default, but older software or misconfiguration may result in it being able to be disabled.
If ATM USA manages your ATM(s), you can rest assured we have taken all precautions to fortify security to prevent skimming, card trapping, jackpotting and other common attacks designed to steal customer data and/or the cash inside the machine, and to keep your ATM operating properly.
If you own and cash load your own ATM(s), please reach out to the Technical Support Team by phone at 1-877-260-2931 or email service@atmusa.com for assistance in ensuring your software is up to date.
ATM USA Technical Support
1-877-260-2931
Comments