ATM Black Box Attacks

ATM Attacks

ATM Jackpotting

Money flying out of the machine. The winners smiling. Most likely night-time. No, I’m not describing the Vegas Strip at peak time. I’m describing the ATM around the corner from where you are now. However, before you jump up from your seat to cash in on the thousands of dollars coming out of the machine, you should be warned that this is the result of ATM attacks.

ATM jackpotting allows hackers to, well, hit the jackpot. These attacks are commonly seen in Europe but pose a real threat to the rest of the world. They are carried out by simple devices, known as black boxes. So, if you are strapped for cash, read carefully because soon you will know exactly how to hit the jackpot. And you won’t need to travel to Vegas to do it.

An ATM is made up of two main parts: the cabinet and the safe. The former is the main body, and holds the ATM computer, which is connected to all the other devices. Luckily for you, the cabinet is practically unprotected, making it easy to gain access. The latter is more secure and contains only the cash dispenser and cash acceptance module. Yes, the cash dispenser is the most important part in this whole operation, but thankfully you will only need access to the cash dispenser cable, which is located outside the safe, to successfully execute this attack.

By gaining access to the top box of the cash machine, you will be able to bypass the main board communications and disconnect the physical dispenser from the ATM PC core. This is when you attach the periphery device (the black box) directly to the dispenser whereby you can initiate cash dispensing commands.

Leaving no trace

The best part is that you will not leave a trace on the target’s payment terminal as the attack relies on the outputs produced by the ATMs in response to your inputs. Furthermore, you can disable checks that verify legitimate access, as well as other security mechanisms, to go undetected (#winning). The perfect time to do this would be in your lunch break as this will only take you 10 minutes. This leaves more than enough time to treat yourself to a nice meal at Nobu, what with all that extra cash burning a hole in your pocket. The icing on the cake when it comes to ATM black box attacks is that almost 70 per cent of ATMs are vulnerable to them. So that ATM you walk past everyday is most likely a great target.

If the Kardashians are making money from being famous, then you can make money in an unconventional way, too. Who’s got time for a 9-5 nowadays anyway?

Get your money’s worth

Heavy spending on cybersecurity should bring a high return on investment, yet gaps in visibility limit this. Sepio Systems’ Hardware Access Control (HAC-1) solution provides a panacea to gaps in device visibility to ensure you are getting the most out of your cybersecurity investments. HAC-1 integrates with existing solutions, such as NAC, EPS, SIEM and SOAR, to enhance the organization’s cybersecurity posture. HAC-1’s deep visibility capabilities mean no device goes unmanaged; the solution identifies, detects, and handles all IT/OT/IoT devices. Moreover, HAC-1’s policy enforcement mechanism and Rogue Device Mitigation capabilities instantly block any unapproved or rogue hardware. In doing so, ultimately, HAC-1 enables a Zero Trust Hardware Access approach which stops attackers at the first line of defense.

HAC-1 has successfully detected and blocked rogue devices at top tier banks’ ATMs. Give us just 24 hours to show you how we can protect your ATMs and stop you from becoming an attacker’s next slot machine.


Sepio platform uses a novel algorithm, a combination of physical layer fingerprinting module coupled with a Machine Learning module – providing the sought-after visibility and enforcement level, it is further augmented by a threat intelligence database – ensuring a lower risk hardware infrastructure.

Hardware Assets Control solution for iot security

Sepio Systems Hardware Access Control HAC-1, provides 100% hardware device visibility.

HAC-1 enables Hardware Access Control by setting rules based on the devices characteristics.

HAC-1 instantly detects any devices which breach the set rules and automatically block them to prevent malicious attacks.

The idea is to Verify and then Trust that those assets are what they say they are.

Sepio Systems HAC-1 brings the ultimate solution to zero trust adoption by providing 100% hardware device visibility for Healthcare Industry

With greater visibility, the zero-trust architecture can grant access decisions with complete information.

Thus, enhancing the enterprise’s protection within, and outside of, its traditional perimeters.

The Hardware Access Control capabilities of HAC-1, block Rogue Devices as soon as they are detected

Our HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Sepio Systems Hardware Access Control HAC-1 provides 100% hardware device visibility. No device goes unmanaged. Rogue Devices are block as soon as they are detected. HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Physical Layer Fingerprinting

Sepio Systems is the only company in the world to undertake Physical Layer fingerprinting. HAC-1 detects and handles all peripherals; no device goes unmanaged.

With this total visibility, a stronger cyber security posture is achieved. There is no longer needed to rely on manual reporting or employee compliance. Sepio Systems manage security and provides answers to questions such as:

  • Do we have an implant or spoofed device in our network?
  • How many IoT devices do we have?
  • Who are the top 5 vendors for devices found in our network?
  • Where are the most vulnerable switches in our network?

Having visibility across all hardware assets provides a more comprehensive cyber security defense. Reduce the risk of a hardware attack being successful and our private health data being stolen.

Leave a Reply