By : Owen Wild
October 01, 2015 12:25 PM
As many ATM operators have recently taken action to protect their ATMs from malware attacks, we may be seeing a return to the “Black Box” attacks of old. In this form of attack, the criminal gains access to the Top Box of the cash machine and then disconnects the physical dispenser from the ATM PC core. The fraudster can then connect his own computer device, which is used to issue commands and force the machine to dispense cash. Black Box attacks originated around 2012 and have now spread into more regions around the world. There are several different variations of the attack using different forms of electronic devices. However, most of these attacks are attempted on freestanding front access ATMs located in lobby environments. A Black Box attack is one of two “logical” attacks against ATMs known as “jackpotting” that are being seen in increasing frequency. It uses hardware, while the other form uses malicious software to force the machine to spit out cash. In both cases, though, the criminals need to physically access the top part of the ATMs where the USB ports are located. Black Box attacks can be prevented with upgrade kits on older NCR Personas ATMs and by configuring Self Serv ATMS dispenser security settings to Level 3 (Physical). In both solutions, encryption is activated that will prevent the attack from succeeding. In addition to these solutions, owners and operators should consider the environment and the security physically protecting the ATM. ATMs in unattended public locations are at highest risk. For example, an alarm that will alert when the Top Box is opened should be used. Sign up to receive NCR Security Alerts
Security Marketing Director
Owen Wild is responsible for marketing strategies for the NCR Security Solutions within NCR’s Financial Solution Portfolio. Over the past 15 years, Owen has held several sales and marketing positions with leading travel and tech cos.