ATM Cyber Attack

ATM Cyber Attacks

ATM cyber attacks refers to any unauthorized attempt to exploit ATMs vulnerabilities with the purpose of gaining access to cash or sensitive information. One of the main threats to ATM security is jackpotting cyber attacks that instructs the machine to dispense cash at a rapid pace.

Automated teller machines (ATMs) are a prime target for hackers due to the amount of money inside of them and the easy access to obtaining it. Some ATMs are filled with over $2,000 a day. That’s $14,000 a week. And $56,000 a month. Give or take the money going out from transactions, that is still a hefty sum of money….

ATM Cyber Attacks and Rogue Devices

ATM attacks have become more frequent. With the European Association for Secure Transactions (EAST) reporting a 269% increase in logical attacks between 2019 and 2020 (‘Black Box’ and Physical Attacks Against ATMs Surge).

In 2021, two criminals carried out black box attacks across Europe and stole more than $273,000 from ATMs. However, direct monetary loss is not the only financial implication of ATM jackpotting attacks. Additional consequences, such as reputational damage and loss of customers, incur long-term fiscal impacts.

The worldwide presence of ATMs means jackpotting cyber attacks are a global threat. In Europe, Diebold Nixdorf, a leading ATM manufacturer, issued an alert warning about the rising number of jackpotting cyber attacks in 2023

Hardware attack tools (collectively known as Rogue Devices) operate on Physical Layer and do not get detected by existing security software solutions, such as NAC, IDS, EPS. Due to a lack of physical layer visibility their covert nature means Rogue Devices bypass security controls. Making them extremely harmful attack tools.

By attaching a spoofed peripheral or hidden network implant to the ATM, bad actors can carry out jackpotting cyber attacks without raising security alarms. Moreover, the sophistication of these devices allows perpetrators to carry out their attacks remotely, thus increasing their anonymity and reducing the risk of getting caught.

Black Box Attack Exposure
Positive Technologies 2018

Sepio Protects your Hardware Devices on Physical Layer

Heavy spending on cybersecurity should bring a high return on investment, yet gaps in visibility limit this. Especially in the face of emerging threats like Jackpotting ATM cyber attacks (ATM Cyber Security).

Sepio’s platform provides a panacea to gaps in asset visibility to ensure you are getting the most out of your cybersecurity investments. Sepio integrates with existing solutions, such as NAC, EPS, SIEM and SOAR, to enhance asset risk management for financial institutions. The platform’s deep visibility capabilities mean no device goes unmanaged. Identifying, detecting, and handling all IT/OT/IoT devices, including those critical to preventing jackpotting ATM cyber attacks.

Sepio has successfully detected and blocked rogue devices at top tier banks’ ATMs. Give us just 24 hours to show you how we can protect your ATM and stop you from becoming an attacker’s next slot machine.

See every known and shadow asset. Prioritize and mitigate risks.
Talk to an expert. It will help you understand how to use Sepio’s patented technology to gain control of your asset risks.

ATM Jackpotting (PDF)
July 19th, 2022