Cards And Payments - November 2020 - CIOReviewIndia Magazine

| | November 20208ybercriminals have begun targeting ATM systems with the intent to exploit vulnerabilities in the defences of financial institutions. In the rapidly evolv-ing world of cybercrime, `smash and grab' attacks on ATMs are nothing new, cash machines are now a fo-cus for operatives aiming to siphon bounty ranging from customer data to old fashioned cash. The past few years have seen a spate of attacks on ATMs in the UK using trucks and stolen farm machin-ery. The aim is to steal the ATM in-tact and transport it to a site where the cash can be extracted by force. The alternative is `smash and grab,' breaking into the ATM on site to extract funds. Similarly, in India, ATM manu-facturer NCR has released a secu-rity warning of `jackpotting' attacks being conducted against ATMs in India. The alert states that crimi-nals are gaining access to the `top box' of ATMs to connect a device to a USB port. By using the USB `black box', the attacker can connect a keyboard, issue commands to the ATM, and tell it to dispense cash at will. Recently, Indian co-operative Cosmos Bank has fallen victim to a malware and ATM cash-out attack that saw 94.24 crore (USD 13.4mn) stolen in 14,000 transactions across 29 countries.But there is a new threat to be mindful of one that isn't physical but is in the world of cybercrime. This summer when the FBI issued a warning about an imminent global cyber-attack on commercial bank ATMs. Known as an ATM `cashout,' the pre-empted attack centred on the hacking of a bank or payment pro-cessor to enable the fraudulent with-drawal of funds using cloned cards. This is typical of a sophisticated hack that can impact consumers directly while derailing the operations of banks and businesses.Different Kinds of ThreatsATM attacks are of two kinds: physi-cal and logical. A physical attack sees the perpetrator present before, dur-ing and after the crime. It involves the use of physical force to compro-mise the machine and is quite com-mon in the UK. Logical attack on the other hand involves malware and specialist electronics to gain control of the ATM and access to common data and funds. The Federal Bureau JACKPOTTING ATM ATTACKS: AN EMERGING THREATBy Rohan Vaidya, Regional Director, Sales, India, CyberArkC IN MY OPINIONRohan heads CyberArk India as Regional Director of Sales. His responsibilities include managing sales operations and profitability of the business in the sub-continent and build the capabilities and resources of CyberArk in India.
< Page 7 | Page 9 >