ATM malware risks on the rise?

By : Owen Wild

September 01, 2015 12:00 PM

In the past year there have been a series of malware attacks on ATMs worldwide that highlights the growing threat when devices are not properly protected. Malware attacks on the ATM are becoming more commonplace and proving a growing problem for security officers. In these attacks, many ATMs are attacked at the same time causing major losses over very short time frame. Last year saw four European countries report ATM malware attacks for the first time, according to the European ATM Security Team (EAST), which also said it tracked at least 20 incidents involving ATM jackpotting with malware in the first six months of 2014. “These were ‘cash out’ or ‘jackpotting’ attacks and all occurred on the same ATM type from a single ATM deployer in one country,” EAST Director Lachlan Gunn wrote. “While many ATM Malware attacks have been seen over the past few years in Russia, Ukraine and parts of Latin America, this is the first time that such attacks have been reported in Western Europe. This is a worrying new development for the industry in Europe.” The trend towards these software-based attacks is happening industry-wide. It’s occurring on ATMs from every manufacturer and on multiple model lines. Most at risk are older models of ATM and standalone machines where it is easier for criminals to access the top of the box compared to when they are wall-mounted on in a branch. While the version of malware used in the most recent case in Brazil was a variant from previous attacks, it was successful because the ATMs were not protected properly. To better protect ATMs, I’d recommend the following steps as a priority:


  1. Set the BIOS to only boot from the Hard Drive
  2. Password protect BIOS editing
  3. Ensure robust password management policies
  4. Disable Autoplay
  5. Deploy an effective anti-virus mechanism


At NCR, we’d also recommend active whitelisting applications which go beyond traditional anti-virus programs - specifically the deployment of Solidcore Suite for APTRA. Solidcore Suite is different from Solidcore. Solidcore Suite contains an enterprise level monitoring function which provides additional functionality, notification, and reporting. Read more about ATM security solutions at NCR Financial Services.

Owen Wild

Security Marketing Director

Other articles by this author

Owen Wild is responsible for marketing strategies for the NCR Security Solutions within NCR’s Financial Solution Portfolio. Over the past 15 years, Owen has held several sales and marketing positions with leading travel and tech cos.