{"id":15160,"date":"2016-10-14T19:19:21","date_gmt":"2016-10-14T19:19:21","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=6162"},"modified":"2022-05-05T04:31:23","modified_gmt":"2022-05-05T08:31:23","slug":"atm-attacks-2","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/atm-attacks-2\/15160\/","title":{"rendered":"Multiple-ATM Attacks"},"content":{"rendered":"<p>In <a href=\"https:\/\/business.kaspersky.com\/atm-attack-1\/6109\/\" target=\"_blank\" rel=\"noopener nofollow\">a previous post<\/a> we showed you how easy it is for criminals to empty an ATM of its cash. However, a malware-laden flash drive isn\u2019t the only way to attack an ATM. Here\u2019s another example: This one lets crooks grab the cash from several ATMs at once.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/N9DjtYO-coo?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>The attack still requires physical access, but it makes use of a device crafted to hook into the network instead of the ATM; the device connects the bank\u2019s network to a server operated by criminals. This \u00a0server mimics a processing center controlling all transactions carried out via the ATMs located on the same network. Such an action is possible if the network isn\u2019t segmented and if the security settings have errors.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Multiple-ATM Attacks: You don\u2019t need much\u2026 #security #banking<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F2own&amp;text=Multiple-ATM+Attacks%3A+You+don%26%238217%3Bt+need+much%26%238230%3B+%23security+%23banking\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>The ATM model doesn\u2019t matter in this attack; everything comes down to the data exchange protocol \u2014 which is the same for all teller machines on the same network.<\/p>\n<p>With the criminal\u2019s device in place, any banking card can be used to withdraw cash; the rogue processing center approves the transaction and the ATM spits out the bills. When all of the cash is gone, a person with a key returns to the compromised machine, takes the device away, and plugs the bank\u2019s cable back in, thus removing all traces of the attack.<\/p>\n<p>To the average, law-abiding citizen, this attack may seem complex, but relatively speaking, it is not. And besides, the endeavor is quite a moneymaker. Thieves are willing to go to far greater lengths to rob ATMs. The primary issue they need to overcome is getting to the network cable. No authentication is required between the hardware units of the ATM and the bank\u2019s infrastructure, so plugging in a rogue device won\u2019t alert security systems.<\/p>\n<p>The above is just one example of the potential consequences of having insufficient ATM security.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With accessible network cables and a lack of authentication between the ATM and the bank&#8217;s infrastructure, ATMs are far too easy to attack.<\/p>\n","protected":false},"author":2706,"featured_media":15315,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[401,111,1226,97],"class_list":{"0":"post-15160","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-atm","10":"tag-attacks","11":"tag-hardware","12":"tag-security-2"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/atm-attacks-2\/15160\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/atm-attacks-2\/4257\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/atm-attacks-2\/15160\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/atm-attacks-2\/15160\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/atm\/","name":"atm"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15160","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15160"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15160\/revisions"}],"predecessor-version":[{"id":34823,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15160\/revisions\/34823"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15315"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}