Banks are coming under attack from a new spate of malware that allows cyber criminals to take control of cash machines.
The attack, which has affected banks in countries including the UK, Russia, the Netherlands and Malaysia, allows criminals to force groups of cash machines to issue cash which can be collected by thieves.
No physical tampering is required, said cyber security firm Group IB, which revealed the attacks. The technique is named “touchless jackpotting”.
The tools used to conduct the attack are widely available in public sources and the shortest time taken to successfully conduct an attack was 10 minutes.
Dmitry Volkov, Head of the Investigation Department and the Bot‑Trek Intelligence service at Group IB, said that this kind of attack on ATM machines may become “one of the key threats targeting banks”.
Indeed, the number of logical attacks on ATMs is on the rise, according to the European ATM Crime Report by European ATM Security Team. In the first half of 2016 28 incidents were reported (all ‘cash out’ or ‘jackpotting’ attacks), rising from 5 during the same period in 2015.
These led to losses of €0.4 million, around 0.2 percent of total ATM fraud losses recorded in the period.
Volkov said that they “enable cybercriminals to commit fraud remotely from anywhere globally and attack the whole ATM network without being ‘on the radar’ of security services.
“That said, this type of attack does not require development of expensive advanced software – a significant amount of the tools used are widely available on the deep web. Every bank is under threat of logical attacks on ATMs and should be protected accordingly.”
Cyber security at banks has faced greater scrutiny due to the high-profile attack on the Bangladesh Central Bank using the SWIFT messaging service. The attack saw over $80 million stolen.