As ATM jackpotting has become a more common crime in the US, financial institutions have identified how to fight back against this new form of attack. An ATM jackpotting attack can be over in minutes, and it can occur at any time. ATMs may be susceptible to these attacks, even if they appear to be secure. In this blog we will discuss what ATM jackpotting is and ways to fight back.
What Is ATM Jackpotting
ATM jackpotting is when a hacker exploits the vulnerabilities of an ATM and forces it to dispense its cash reserves. Jackpotting requires physical access and a connection to a machine, along with a rogue device. A rogue device is any portable computer used to access the ATM and attack it. Any antivirus software is bypassed, and hackers can install malware. They can even install a new hard drive and reboot the ATM. This entire attack may happen in only a few minutes.
Unlike the vault-like compartment of an ATM, which is highly secure, an ATM’s top compartment is more easily accessible. This can be accessed either by purchasing a key online (many ATM terminals use a common key) or by jimmying the lock. If an ATM jackpotting attempt is successful, a hacker can access all of the funds in the ATM.
One example of a rogue device used for an attack is a black box. A black box may be a Raspberry Pi, laptop, or other small portable device that is designed to mimic the ATM’s internal computer. It can either be connected to the dispenser directly and order the ATM to dispense cash, or it can be connected to the ATM network and intercept cardholder data that is relayed between the ATM and the transaction center that processes the data.
A different method involves using a USB device and plugging it into the ATM’s USB port. After the malware is installed, the money is collected. The ATM terminal is instructed to dispense a certain amount of money or empty its cassette completely.
An ATM jackpotting attack may not be discovered right away. Your financial institution or retail location may not even notice anything is awry until the ATM is out of cash. The attackers may have acted in the middle of the night. They may have even disguised themselves as tech experts or repairmen, blending into the environment to avoid suspicion.
The most vulnerable ATMs are standalone ATMs, ATMs located away from a financial institution’s site, or both. These ATMs may receive less traffic than ATMs in more populated locations. They may lack the security of ATMs at other locations, such as comprehensive video monitoring. These factors can make them a prime target for jackpotting. However, jackpotting can occur at any ATM, even at financial institutions. ATM jackpotting attacks can be over quickly, which means multiple ATMs, or multiple locations, can be hit within hours.
No one wants repeated attacks on their ATMs, and no customer trusts a financial institution that cannot keep its ATMs secure.
ATM jackpotting is relatively new to the U.S., having occurred for the first time around 2018. However, it has been around much longer in other parts of the world.
How to Fight ATM Jackpotting
Good security requires more than one approach to keep ATMs safe from jackpotting.
For example, simply keeping regular security updates current can be an important first step. Your team needs to make sure that firewalls, antivirus, and other security software get updated according to a regular schedule or as updates are available.
The ability to boot into a safe or debugging mode can also make an ATM vulnerable to attack. Attackers may take advantage of a machine’s “auto start and boot” function, so it is best to disable these features.
Hyosung Innovue has a patch update called BlueVerse™ that will assist in patching the existing software. It now comes standard on all Hyosung Innovue ATMs. For more information on BlueVerse, tune into the Wittenbach/Hyosung webinar on 10/25/2023.
ATMs should be routinely monitored for suspicious activities. These activities may include multiple failed login attempts or requests for large amounts of cash from accounts with little or no money in them.
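As an added illustration (not part of the original post or any vendor's product), the two warning signs above can be checked automatically against an ATM event log. The log format, field names, and thresholds below are assumptions chosen for the example, and the sample events are constructed.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events; the column names and event types are assumptions,
# not a real ATM journal format.
SAMPLE_LOG = """\
time,atm_id,event,account,amount,balance
2023-10-01T02:10:05,ATM-17,login_failed,,,
2023-10-01T02:10:40,ATM-17,login_failed,,,
2023-10-01T02:11:15,ATM-17,login_failed,,,
2023-10-01T02:14:00,ATM-17,withdrawal_request,ACCT-9,2000,12.50
2023-10-01T09:30:00,ATM-04,login_failed,,,
2023-10-01T09:31:00,ATM-04,withdrawal_request,ACCT-2,200,5400.00
2023-10-01T15:45:00,ATM-04,login_failed,,,
"""

# Assumed thresholds; tune them to your own fleet and traffic.
MAX_FAILED_LOGINS = 3                 # failures on one ATM ...
LOGIN_WINDOW = timedelta(minutes=5)   # ... within this time span
LARGE_REQUEST = 1000.0                # cash request considered large
LOW_BALANCE = 50.0                    # balance considered "little or no money"

def find_alerts(log_text):
    """Return (atm_id, reason, time) tuples for events sorted by time."""
    alerts = []
    recent_failures = defaultdict(deque)  # atm_id -> failure times in window
    for row in csv.DictReader(io.StringIO(log_text)):
        when = datetime.fromisoformat(row["time"])
        atm = row["atm_id"]
        if row["event"] == "login_failed":
            window = recent_failures[atm]
            window.append(when)
            # Drop failures that fell out of the sliding window.
            while when - window[0] > LOGIN_WINDOW:
                window.popleft()
            # Alert once, at the moment the threshold is reached.
            if len(window) == MAX_FAILED_LOGINS:
                alerts.append((atm, "repeated_failed_logins", row["time"]))
        elif row["event"] == "withdrawal_request":
            amount, balance = float(row["amount"]), float(row["balance"])
            if amount >= LARGE_REQUEST and balance <= LOW_BALANCE:
                alerts.append((atm, "large_request_low_balance", row["time"]))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(*alert)
```

The sliding window keeps scattered failures over a normal day (ATM-04 in the sample) from raising an alert, while a burst on one machine does.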
Your staff should always be aware of when your ATMs will be serviced. This will make it harder for attackers to blend in and disguise themselves as service techs. Our Tech on the Way program was designed for transparency: it lets the customer know when a technician will arrive and the technician’s name, and it provides a way to communicate securely with the technician within the system.
Finally, increasing physical security around your ATMs is a simple, quick solution that can deter ATM jackpotting and other crimes. This may include hiring additional security staff.
However, security staff cannot monitor every location around the clock for every incident, and they may lack the training needed to detect jackpotting attacks. For more comprehensive 24/7 monitoring, implement electronic security solutions. These solutions may include video surveillance, intrusion alarms, access control, or some combination of these solutions.
Fight Back Against ATM Jackpotting
For close to five decades, Wittenbach has protected our clients with our security solutions. Throughout the Midwest and East Coast, we protect financial institutions of all sizes. If you are looking to fight back against ATM jackpotting, our security solutions can help. We can tailor a solution to your needs.
Schedule a tour of our Solutions Center outside of Baltimore to explore options in person and discuss solutions with our industry experts.
Not in the area? No problem. Contact us about your security needs and speak to one of our experts.