The US Secret Service is reporting there has been an increase in ATM jackpotting over the last six months. Traditional malware, black box and man-in-the-middle attacks have been reported in California, Colorado, Georgia, Idaho, Maryland, Minnesota, New York, North and South Carolina, Oregon, Pennsylvania, Tennessee, Texas, Utah and Washington.
The attacks are believed to be the work of seven criminal groups and have occurred across multiple ATM brands. According to the Secret Service alert, "the subjects were observed opening and accessing the ATMs using magnets and generic keys designed to unlock an ATM's exterior."
ATM Security Best Practices
ATM USA is recommending financial institutions, retailers and independent ATM deployers follow Best Practices to protect ATMs and the cash inside.
PASSWORDS
Double check passwords to ensure they are not set to default values.
Passwords should be 15 characters or more and be a combination of upper and lower case letters, numbers and special characters.
Never share passwords. Users should have their own username and password.
With remote monitoring systems (RMS) being compromised in recent weeks, ALL REMOTE PASSWORDS SHOULD BE CHANGED IMMEDIATELY.
LATEST SECURITY
Ensure your ATM(s) have the latest hardware, software and firmware, and that all security updates have been installed.
Operating systems and configurations need to be up-to-date.
ENCRYPTION
Implement multi-factor authentication throughout your ATM network.
Fully enable TLS encryption on ATM hard drives, network communications and RMS.
LIMIT ACCESS
Limit physical access to ATM keys. Generic keys, which can often be bought online, can lead to unauthorized access.
Do not allow remote access to your ATM(s), communications system or RMS.
Remove any unnecessary users, especially to your RMS server.
Response to Possible Jackpotting Incidents
If you suspect your ATM has been compromised, the Secret Service recommends the following steps:
Before opening the ATM, put on gloves to avoid contaminating any potential DNA evidence and fingerprints.
Photograph all components in place, including the hard drive and any attached devices, before removing any unauthorized devices from the ATM.
Contact your local Cyber Fraud Field Service Office to report the incident.
Have Questions about ATM Security?
The ATM USA Technical Support Team is Ready to Help you Mitigate Your Risk
ATM USA Technical Support
1-877-260-2931