Cybercriminals targeting ATMs and POS machines had to take a break with the rest of the world during the pandemic as worldwide lockdowns forced the closures of brick-and-mortar businesses, restaurants and stores. Online business surged and in-person cash and card transactions dipped. However, two years on, as business returns to normal and people go back to pre-pandemic ways of spending, the cybercriminals are back and, it seems, with a vengeance!
According to Kaspersky, “(i)n the first eight months of 2022, the number of unique devices hit by ATM/PoS malware grew by 19% as compared to the same period in 2020, and by nearly 4% compared to 2021”. Countries such as Russia and Brazil saw many of these hits, mostly due to the fact that their machines tend to be older and software is outdated. Hackers can more easily break through to payment hardware if the software, including protection updates, is out of date. They have also been targeting areas of new economic growth, such as certain areas of Africa seeing new investment and development resulting from relations with China.
Generally speaking, POS machines tend to see more attacks as there is less attention to cybersecurity for these types of machines, which are largely used in retail stores and restaurants – high traffic establishments. ATMs see less attacks by comparison, as, in most cases, they are the property of banks which have the capital to invest in high levels of cybersecurity. However, independent ATM operators may not have the capital needed for the same levels of security, and may therefore be more vulnerable to criminal attacks.
As a machine specifically made to handle large amounts of cash, ATMs and their users will always be targets of money-hungry criminals – cyber and otherwise. Malware is obviously not the only threat to operators and consumers. Card skimming (reading information from the magnetic stripe on the back of payment cards) used to be one way that criminals could use ATMs to steal money from unsuspecting people. However, with the introduction and now mandatory use of EMV chips on cards, which encrypt the sensitive information, it will be harder to scam people in this way. ATM operators must ensure that their machines are up to date to accept the newer, more secure card technologies.
Of course, new technologies bring a new set of problems. With some big banks announcing upgrades to their ATMs to incorporate mobile technology – where one would use an app on a mobile phone, instead of a card to withdraw cash – there will be different avenues for compromises. Security breaches on mobile apps as well as out of date software or misconfigurations will soon have an effect on ATM security once the linkage is there.
It is more important now, than ever before, to ensure that machine hardware is up to date and that the processing vendors are constantly updating their own services with globally-accepted, industry-standard protocols and security measures, in order to ensure the safety and security of consumers and operators alike.
If you have any concerns or questions, please feel free to reach out to us.
Sources:
https://securelist.com/atm-pos-malware-landscape-2020-2022/107656/
https://www.upguard.com/blog/biggest-threat-to-atm-security-is-misconfiguration