INTERNET OF THINGS
PROTECTING ATM CONNECTIONS
Amid security threats, end users must consider IoT and M2M
By Julian Weinberger
The first Automated Teller Machine (ATM) machine was installed in 1967, dating back well before the millennium to a time when network security was unsophisticated. The rollout of ATMs was a global phenomenon, meeting bankers’ needs with instant cash
distribution after business hours.
With the rising popularity of the Internet accessible machines, the need to protect connections between the disparate ATMs and the banks’ processing centers became critical.
Though the first ATM was unveiled 50 years ago, the basic components that make up an ATM have not changed significant- ly. Many banks still have 20th century ATMs in everyday use, which unfortunately, increases the risks of cyberattacks. The use of outdated, insecure software is widespread, and mistakes in network configuration are common while critical physical com- ponents are often not properly guarded.
At the same time, more and more ATMs are being connected to the Internet of Things. Search engines for Internet-connected devices, such as Shodan, only exacerbate security risks, allowing anyone to find the ATMs that are the most vulnerable. Without properly secured connections, stealing money remotely from ATMs is the cybercrime equivalent of taking candy from a baby.
Remote ATM Attacks
In 2016, banks in the United Kingdom, Russia, Netherlands and Malaysia were attacked by malware that allowed cybercriminals to take full control of cash machines.
The technique, known as touchless jackpotting, requires no physical tampering. Instead, it allows cybercriminals to attack poor- ly protected ATMs remotely, from anywhere in the world, via the global ATM network completely undetected by security services.
The number of touchless attacks on ATMs is on the rise. Ac- cording to the European ATM Crime Report, 28 incidents were reported in the first half of 2016 (up from five during the same period in 2015).
Network Protection
Older ATMs that have recently been connected to machine-to- machine (M2M) environments are particularly at risk and some of the most vulnerable ATMs still do not have any network protection at all.
adriaticfoto/Shutterstock.com
Despite some of the strictest regulatory obligations and their attractiveness to cybercriminals, it appears that retail banking is no different than any other sector in quickly moving forward with IoT while comprehensive security measures lag.
The first step in protecting connections between large numbers of disparate ATMs and bank processing centers is to utilize Virtual Private Networks (VPNs), firewalls and MAC-authentication.
Protecting ATM Connections with VPNs
Although most bank ATM networks use advanced encryption to protect the sensitivity of the financial data being exchanged, the rise of remote ATM attacks show that many banks still have pro- tective measures to take.
Securing ATMs with VPNs is comprised of four essential components.
Automatic/always-on connectivity. The VPN client is set to connect to the VPN automatically and remain connected. In the event of a disconnect occurring, due to network downtime for example, the VPN client look to reestablish the session as soon as the data connection comes back up.
Authentication. As everyone knows, ATM transactions are authenticated using two or three human factors namely the cus- tomer’s ATM card, their unique PIN and, in some cases, their fin- gerprint or retina scan. In modern ATMs the customer’s smart- card, in combination with a smartcard reader inside the machine, provides another layer of security to assist the digital side of the authentication process.
Management. Ultimately, ATM VPN connections should be
NS12
0817 | NETWORKING SECURITY