Using IBNS (Intelligent Banknote Neutralization Systems) with-in an ATM or Cash Point Machine to safeguard the contents may be a physical security best practice, but being exposed to logical attacks creates more modern day risks whereby criminals create the ability to override the hardware functionality and force these Cash Point Machines to breach the physical protection layers, or worse, dispense cash automatically at one or multiple locations at once. The outcome of this type crime can be detrimental to the Cash Industry and lead to significant financial losses in an instance.
Since 2012, Logical ATM attacks have increased substantially in a variety of different methods and are constantly evolving around the world.
Various types of attacks have been recorded around the Globe and many of these attacks on the Cash Handler is successful. There are many different solutions available in the market today, but these additional Logical Security systems are not only expensive to implement but also require ongoing upkeep and often do not protect against all types of Logical attacks.
Removing the ability to operate the ATM’s Cash Handler Module in an unauthorized manner is the most effective prevention method against criminal activity.
SmartFence is revolutionary technology with an innovative approach to the problem and takes prompt action by shutting down the Cash Handler Module when unauthorized and suspicious operational behavior is detected.
For more than a decade, Feerica have undergone various product testing and Industry regulatory certification procedures with great success. Today, the Feerica SmartStain solution is being used in more than 50.000 ATM Cassettes in various parts of the World including Portugal, France, Spain, Balkan, Belgium, Netherlands, Uruguay, Chile, parts of Africa and Malaysia. SmartStain also carry endorsements from various ATM manufacturers.
SmartStain is unlike any other system in the market and achieves the following criteria:
- Minimize the chance of human errors by applying simple intuitive operating handling;
- SmartStain strive for ZERO “False Positives” with no hidden operational costs;
- Enabling full flexibility in operational management built on remote software update capability;
- Ensuring effective cash degradation during all types of ATM attacks;
- Adequate prevention against withdrawal stained notes after a legitimate activation of the ink system;
- Providing Real-time/Online system monitoring traceability as well as system management functions through a fully configurable , multi language, multi-tenant but easy and intuitive web portal interface;
- Easy deployment and centralized management of all ATM cassette assets – in ATM as well as in the End-to-End cash cycle;
- Providing traceability of stolen cash and/or ATM Cassettes;
- SmartStain offers protection for all types of cash dispensing, cash accepting or recycling machines;
- Proven low maintenance and operational costs with guaranteed battery life for up to 8 years of error free operation.
MALWARE IN THE NETWORK (ONLINE)
Criminals are able to inject malicious software such as malware onto the ATM PC via the network. The malware can intercept the communications between the ATM and host and with this, capture information or cause unauthorized dispensing of cash from the machine.
MALWARE INSTALLED ON THE ATM (OFFLINE)
Malware inserted by removable media (for example, DVD, CD or USB) or via connecting a notebook PC or other electronic devices (as described above), into the ATM PC and then rebooting the machine.
The ATM will then boot to the removable media or start executing the injected software to copy the malware onto the ATM hard disk. The ATM is rebooted again allowing the ATM to start up as normal. However, now the ATM is infected with malware which runs on its hard disk and can be activated to get the CHM to dispense cash on request of the criminal.
The difference between Logical attacks compared to Physical attacks is that logical attacks can be far more precise as criminals are certain of the outcome of the attack whereas physical attacks can be less successful as hardware and materials react differently every time to explosives and physical abuse.
BLACK BOX ATTACKS
Criminals gain access to the communications of the machine’s Cash Handling Module (CHM) inside the terminal. By doing this, they are able to bypass the ATM PC and connect an intelligent electronic device directly to the CHM. Criminals are then able to send unauthorized commands to dispense cash from this machine.
We see different forms of gaining access to the CHM either by drilling holes in the ATM fascia or having access to the upper ATM compartment where the PC is housed or even the ATM safe is breached. They can then connect a notebook PC or other electronic devices to communicate directly with the CHM.