Jackpotting, a technique whereby cybercriminals can trick an ATM into dispensing cash, has been on the rise over the last ten years and may be growing as an attack on banking and financial services.
Elida Policastro, Regional Vice President for the Cybersecurity Division at Auriga, is a self-service banking cybersecurity expert and has worked with several banks on their cybersecurity strategies. She expects the problem to continue unless banks do more to apply holistic security strategies across their networks and infrastructure including ATMs.
Here she discusses the issue of jackpotting, and what the trend could mean for banks and financial services.
It has been over 10 years since Barnaby Jack famously hacked an ATM at a trade show and tricked the cash dispenser into spitting out dollar bills. Years later and this technique, now known as jackpotting, persists as a threat and in fact, may be growing as an attack on banking services. Indeed, in late 2020, several US agencies warned about a hacking group called BeagleBoyz in North Korea who are allegedly stealing money from international banks by using remote hacking techniques like jackpotting.
What is Jackpotting?
Jackpotting is a technique whereby cybercriminals use malware to trick an ATM machine into dispensing cash. Because this technique is very easy to commit, it has been on the rise over the past few years, and this trend is sure to continue this year unless banks take action.
During this unprecedented time where access to cash has never been more important, banks have increasingly relied on ATMs for their customers to have access to money. However, ATMs have become a very attractive object for cybercriminals to exploit as they carry sensitive data such as credit card or PIN numbers. With cyber criminals putting in lots of effort to develop innovative ways of attacking the IP in these ATM machines, there is no doubt that jackpotting will continue to rise this year, especially as the return on investment is huge.
The Vulnerabilities in ATMs
Jackpotting relies on how ATMs are both physically accessible and often in remote locations without proper surveillance; and have software vulnerabilities that can be too easily exploited.
ATMs are vulnerable to attacks because most of them run on obsolete, unpatched operating systems. This issue is difficult for banks to resolve, as it takes huge amounts of time and money to update these systems. Because of this flaw, cybercriminals have the opportunity to infiltrate the software layers in ATMs and exploit the hardware to trigger the cash dispenser.
What Can Banks do to Fight Back?
With the sector’s complex technical architecture, financial organisations need to make sure that they control the transactions that take place, which includes managing the security of communication between different actors. When banks review their ATM infrastructure, they also need to do more to safeguard the most vulnerable capabilities of their cybersecurity. This includes encrypting the channels on the message authentication so that communications are not tampered with.
As ATMs networks and systems need to be available 24/7, greater protection and a holistic approach is required. Banks can implement a solution that is designed to be a centralised security solution that protects, monitors and controls ATM networks. Financial institutions can use such solutions to manage their entire ATM network from one place, preventing malware attempts or fraudulent activities on compromised ATMs.
Banks should also update their ATM hardware and software to reduce the risk of attacks and stay secure. They will also need to closely monitor and regularly inspect their ATM machines to make sure that they are not at risk.
What’s in Store for the Banking Industry
Jackpotting very much persists as a threat, as confirmed by the US warnings. There is some evidence that hackers may be changing their tactics. For example, it was reported last year that some hackers stole details of proprietary operating systems for ATMs, and this may be used to create new jackpotting tools.
The rise of jackpotting highlights the need for financial institutions to actively work to ensure that their customers’ personal information and critical systems are protected this year. Updating their ATM hardware and software is critical in reducing the risk of attacks and staying secure. Banks will also need to closely monitor and regularly inspect their ATM machines to make sure they are not at risk. With criminals coming up with innovative ways to attack ATMs, the trends mentioned will only continue to rise. Although jackpotting requires little effort from cybercriminals, if banks can implement a layered defence to their security, it could prevent them from falling victim to this attack in the near future.
