When considering in-person branch security, both electronic and physical elements may easily come to mind. To name a few, NVR (Network Video Recorder) surveillance systems deter criminals and silently watch your branch footprint; access control systems control movement in buildings and zones; and ATMs (automated teller machines) or ITMs (interactive teller machines) have security measures in place to ensure they’re not tampered with.
Cybersecurity is intertwined with all of these electronic and physical security layers. Below, we’ll provide examples of products at your branch that have cybersecurity vulnerabilities, as well as how to prevent incidents from occurring. We will also provide guidance on ensuring smooth communication between your IT and cybersecurity teams.
Which security products in my branch have cybersecurity vulnerabilities?
NVR systems, such as the Verint NVR EdgeVR 300, provide electronic surveillance both inside and outside your branch, using digital or hybrid IP cameras to monitor the premises and store information to a cloud-based server. While these are significantly improved in quality and security from their analog DVR (digital video recorder) ancestors, they are not immune to cyber threats. A hacker who infiltrates the wireless network to which the NVR system is connected can then manipulate real-time streaming protocols (RTSP) and replace the security footage with another feed.
While it sounds like the plot of a Hollywood heist, this type of attack can be easily accomplished if the NVR system is not properly encrypted. While most NVR systems and IP cameras come with a certain basic level of encryption, the preferred way to prevent this breach is ensuring a stronger encryption, including HTTPS/SSL.
In a recent blog post, we outlined access control systems and their purpose for locking and unlocking buildings and zones within your financial institution. They electronically authenticate credentials, most often from a card or key fob, and use a control panel to accept or deny information from the reader. Since an access control system is connected to the Internet of Things (IoT), it is susceptible to a few different kinds of cyber-related attacks.
Genetec explains further, “Skimming attacks, for example, occur when a cybercriminal uses their own reader to access a user’s credential information without their knowledge or consent. In an eavesdropping attack, a cybercriminal poaches data while it’s being transmitted over a network. With an evolving list of cyber threats and the growth of the IoT, cybercriminals can move throughout a breached network to gain control of other security systems or obtain personal information from internal records.” Installing the most up-to-date access control system can insulate your branch from the holes left by legacy systems, and encrypting your Internet connection can again deter criminals from accessing sensitive information, as well as your facilities.
In the realm of ATM and ITM security, would-be criminals often try to exploit vulnerabilities through malware, or software designed to manipulate or interrupt another system, which manipulates the ATM or ITM without stealing data from clients’ cards. One article explains, “The ATM malware allows criminals to identify the amount of money in each cash cassette and manipulate the machine to dispense it. Kaspersky Lab has identified infections in over 50 ATMs, mainly in Eastern Europe, but they have also been found in the United States and other countries.” In many cases, a criminal uses social engineering to manipulate a branch employee into thinking that they come from an ATM/ITM servicing company, thus giving them access to install the malware locally. In other cases, criminals deploy the malware remotely to manipulate the ATM or ITM into dispensing cash.
Cybersecurity actions against ATM/ITM breaches include training employees against social engineering, regularly reviewing all user access to ATM/ITM administrative functions, and ensuring secure placement of your machine so that it can be easily monitored by staff. Keeping your machine’s software up to date on all patches is also extremely important to protect any potential areas of infiltration. Lastly, hiring Wittenbach’s Managed Services is a great way to ensure proper maintenance; our team remotely performs patch management, diagnostics, and status monitoring to keep your units safe.
Best practices to drive collaboration between physical security and cybersecurity teams
Now that you understand the delta between branch security and cybersecurity, we will share reasons for enabling seamless collaboration between those teams within your organization. When they make a concerted effort to bridge the gap and maximize branch security, your investments in ATMs/ITMs, NVR systems, and access control products will be properly maintained and protected from vulnerabilities.
Converge says, “It used to be simple: electronic security was tasked with keeping employees and enterprises safe from physical threats while cybersecurity was tasked with keeping employees and enterprises safe from online threats. But now that technology has started to blur these lines, it’s difficult for teams to know who should be responsible for devices, purchases, and overall management.”
In simpler terms, the IT teams who purchase branch security products may not be as well-versed in insulating them from hackers and other threats, so joining forces with cybersecurity experts is prudent to the health and longevity of those systems.
Magazine Network World identifies the main points that cross-collaboration can address: the need for quality data, a lack of common skills, reducing complexity, a lack of budget for resources, architecture simplification, and more. They reiterate that when these teams come together, the exchange of knowledge, data, and even financial resources can ensure that information and funds are flowing to areas of technological need. In the context of your branches, this can mean coordination of software updates, protective encryption, and regular maintenance.
A thorough understanding of the links among physical, electronic, and cybersecurity at your financial institution will help your staff to collaborate in preventing breaches. Contact Wittenbach’s experts today to learn how we can maintain your investments and ensure your security efforts are optimized.
