Cyber attacks on financial institutions are on the rise. Cyber security for financial institutions is paramount. The sector’s importance in national economies makes it a prime target for cybercrime organizations;
Cyber threats are 300x more likely to target the financial services industry than companies in other sectors. When targeted, most often a financial institution will suffer from severe data theft causing a substantial financial loss of up to hundreds of millions of dollars.
HAC-1 Use Cases for Financial Institutions
Typical Hardware-Based Attacks on Financial Institutions
Attackers find it is more difficult nowadays to gain physical access to the ATM “internals” in order to install USB based attack tools, therefore, they focus their effort on external network attacks.
Attackers “intercept” the network cable and place their network MiTM implant.
As the implant spoofs the legitimate MAC address of the authentic ATM, it cannot be picked up by existing NAC/IDS solutions.
Most of these network attack tools rely on out-of-bound cellular connection for their C2 interface, making it even harder to identify their malicious activity.
Almost 70% of all ATMs are vulnerable to this attack method, making it very real and very threatening, especially since the attack takes just a few minutes to execute.
In these types of attacks, the perpetrator needs to gain physical access to the ATM in order to attach the cash dispenser connector to their own device, the “black box”. This is done by drilling holes or melting the exterior surrounding the connector.
As such, the cash dispensing commands come from the black box and allows the attacker to dispense as much cash as possible.
Improve your Financial
Risk & Compliance
Achieving a higher level of risk management compliance
Secure Financial Data Access
Safeguarding the access to sensitive data.
Secure Payment Transfer
Securing payment systems (internal and SWIFT)
countering payment heists.
ATM Cyber Security
Elevating your ATMs network cybersecurity posture.
You might be interested in the following resources