Attackers don’t sleep. Worse: They cooperate.
Attacks on ATMs with relation to organized crime groups (OCG) have become more common over the last years and the level of sophistication is continuing to increase. Each of these OCGs is specialized in one specific Modus Operandi e.g., Jackpotting, Skimming or Explosives attacks, with experts on building fraudulent devices and other sub-tasks. They don´t care much about boarders and constantly adapting their tactics, techniques, and procedures.
Not too long ago, Krebs on Security1 reported about incidents in Texas. The state was hit by a wave of well-organized hook & chain attacks all following the same playbook. These attacks then spread to other states as well. Meanwhile, Germany has become a prime target for explosive attacks on ATMs and again all clues point towards highly organized groups with a division of roles and training centers as was reported by the European Union Agency for Criminal Justice Cooperation2.
Unfortunately, the good guys are often more fragmented. Let’s stay in Germany for this example: The country is made up of 16 states, each with their own decentralized police force. Combine this with a banking system that is made up of nearly 1,500 independent financial institutions (FIs). This structure makes the roll out of a swift national response and improvement of ATM security standards difficult. This gets increasingly difficult, if the OCGs are active in different countries.
However, that is exactly what we must do: to combat the fast-paced development of new attacks and the high level of organization on the side of the attackers, we must also organize, we must connect. Trustful and intense collaboration and close communication is the key.
Any FIs’ CISO/CSO should involve themselves in these discussions about the security of the self-service channel as this topic needs to be handled not just on the operational but also on the strategic level. But what does that mean concretely?
Trustful cooperation and information sharing are key to improve your ATM fleet’s security as well as security in the financial services industry overall. However, there are many more steps you need to take to make your self-service channel as secure as possible: Read our guide on the 7 shields to protect the self-service channel, to learn about other ways to consider.
SOURCES:
1 HTTPS://KREBSONSECURITY.COM/2021/07/SPIKE-IN-CHAIN-GANG-DESTRUCTIVE-ATTACKS-ON-ATMS/
2 HTTPS://WWW.EUROJUST.EUROPA.EU/NEWS/CRACKDOWN-CRIMINAL-NETWORK-ROBBED-ATMS-GERMANY
3 HTTPS://WWW.NCFTA.NET/
4 HTTPS://WWW.ASSOCIATION-SECURE-TRANSACTIONS.EU/