ATMs have been taken advantage of all across Asia and Europe for a number of years. The most common scheme is the jackpotting. The thieves don’t swipe card data in the scheme but hack the ATM machines to give over large amounts of cash.
How does jackpotting work? Attackers normally use an industrial endoscope to find a specific internal part of the ATM. They then attach a laptop and run malware into the system. Then they just need a little bit of physical force and help from the other members of the team to hit their jackpot. The US Secret Service has warned the people to look for similar signs and they estimated that ATMs can be hacked “at a rate of 40 bills every 23 seconds”.
The scheme that was prevalent in Asia and Europe has now made its way to North America. This has caused unrest in two of the world’s largest ATM makers. Both Diebold Nixdorf Inc and NCR Corp have made public statements about the criminal. Even though they did not comment on the amount of money lost, they did emphasize that the issue was a severe one.
“This should be treated by all ATM deployers as a call to action to take appropriate steps to protect their ATMs against these forms of attack,” the alert for NCR said. Diebold Nixdorf made a separate statement to say that the hackers were targeting the Opteva systems as informed by the financial authorities in the US. The particular system went out of production a few years ago but its systems are still operational around the world.
The ATMs falling victim to the jackpotting don’t have that big an issue from the manufacturers but from the device’s operators. Some of the machines that have fallen prey to hackers have been running XP, which is a 16-year old platform and lost support officially back in 2014.
A simple upgrade to Windows 7 or 10 would offer much better protection against the malware. An additional suggestion was to switch to back-loading ATMs rather than common front-loading machines. However, this is not a cheap solution as a single unit ranges from $2,500 to $10,000 and that does not include the accompanying software.
The trend is catching on more quickly than anticipated and experts believe that it will get worse before it takes a turn for the better.