by Mark O’Byrne, Goldcore:
– ATMs in US hit by “jackpotting” attacks that empty ATMs in minutes
– FBI warns of attacks in US after similar crimes in Taiwan, Thailand and Europe
– Hackers have stolen c.$1 million from ATMs across the US warns U.S. Secret Service
– Target Diebold Nixdorf machines – #1 global ATM provider, 35% of ATMs worldwide
– Digital deposits increasingly vulnerable – Time to save in physical gold
$1 million has been stolen from ATMs across the United States by hackers in a new hacking approach known as ‘jackpotting’. Using malware and an endoscope hackers are able to force cash machines to spew out their entire holding of cash.
Once the machine has been emptied the malware, known as Plotus. D, has handed over complete control to the hackers and displays an ‘Out of Service’ message.
This week a memo was leaked from the US Secret Service regarding this discovery. It stated that it was only a matter of time that the US became a target for this type of hacking, given it has already been seen in both Europe and Asia.
According to Russian cybersecurity firm Group IB, dozens of remote attacks were reported in 2016 within Europe.
Plotus.D is not a new discovery for security services, background reading suggests that they have been aware of it for a while now. An alert issued by the US Secret Service, states:
“In previous Ploutus.D attacks, the ATM continuously dispensed at a rate of 40 bills every 23 seconds…Once the dispense cycle starts, the only way to stop it is to press cancel on the keypad. Otherwise, the machine is completely emptied of cash.”
In fact, it was first seen in Mexico in 2013, as described by security firm FireEye in 2017. They concluded that it was “one of the most advanced ATM malware families we’ve seen in the last few years…
“Once deployed to an ATM, Ploutus-D makes it possible for a money mule to obtain thousands of dollars in minutes,” They believe the malware can be modified to use against 40 different ATM vendors in 80 countries.
No longer need to ‘blow the bl**dy doors off’
As Wired magazine pointed out last year, it used to be that robbers needed to either blow up or physically steal an entire ATM in order to steal its contents. Now there are two, far more subtle routes. A simple physical hack or one which goes through the bank’s own software system.
Due to the nature of cybersecurity threats these days, it is getting harder for hackers to access a bank’s back-end network as it requires a far more sophisticated network intrusion skills. Conversely, hacking physically through the front of a machine does not trigger any alarms and can be done relatively cheaply and easily.
Even more convenient for the hackers, physical attacks on machines means the banks or ATM issuers cannot do a remote fix across all machines, each one has to be repaired individually. Giving the hackers more time to access as many ATMs as they can.
How can this be managed? Wired magazine believe this may be an unsolvable problem:
Physical attacks on ATMs are, in some sense, an unsolvable problem. Computer security experts have long warned that no computer should be considered secure if an attacker takes physical control of it. But weak encryption and a lack of authentication between components leaves ATMs particularly vulnerable to physical attacks—access to any part of the insecure machine Kaspersky describes means access to its most sensitive core. And for computers that are left standing unprotected on a dark street in the middle of the night, stuffed full of money, a little more thought to digital security might be a worthwhile investment.
ATMs are not alone
As we discussed last week, anything is hackable today. Very little with an internet connection is safe from the malicious intent of hackers.
Sadly we’re exposed on all sides to hacking. From the security of our cash machines to the heating in our homes right down to our iphones and the many sensitive apps and data on them.
Hackers are no longer just individuals who have progressed from gaming in their mothers’ basements to hacking for jokes. Nowadays many of the hacks that we see are backed by international crime syndicates who themselves are supported by foreign governments.
Whilst companies are distracted with laying down the best security money can buy, individuals are left somewhat in the dark wondering how best to protect themselves. The idea of ATM attacks is particularly concerning when one realises the ultimate impact on consumer and citizens.
ATM attacks are another excuse to go cashless
Ultimately we will end up paying, either for the privilege of withdrawing our own money or (worse) being forced to go to a bank (of which there are fewer physical branches).
The attack on ATMs will likely be used as an excuse to further outlaw cash in the ongoing war on cash, by both governments and banks.
We have written previously of both governments’ and banks’ missions to prevent us from using cash. Very often reasons for banning large bills or preventing the carrying of certain amounts across borders has been justified under money laundering prevention, terrorism and even for the efficiencies and profitability for banks.
In truth, we know that cash is disliked by less liberal governments. They can’t track it and it’s certainly of no use to them when bail-ins and negative interest rates are on the table. What is the incentive, therefore, for ATM hacking to be resolved?
As we wrote in a previous piece on the cashless society:
Going cashless will not rid us of people and organisations who wish to commit horrific and illegal acts. Instead it will encourage them to find additional ways to run their gangs and terrorist cells. For the rest of us it will remind us of the importance of liberty, safe-havens, security and the need to protect our wealth from negative interest rates, bail-ins and currency devaluations.
Read More @ Goldcore.com