Protection from cyber attacks and cyber threats
Why is ATM protection essential?
According to the ATM Industry Association (ATMIA), the level of cyber threat came to third place after traditional threats, such as skimming and physical impact on an ATM. In 2006-2003 years, cyber-attacks were mainly aimed at stealing data from bank cards using the specialized malware. To ensure ATM security it is necessary to use protection software.
In 2013, the information about robbing self-service terminals in Mexico was disclosed. Criminals stole cash from ATM cassettes by using the malicious program Ploutus. Such attacks were called ‘direct dispense’.
Since 2014 attacks on self-service terminals have massively increased both in the number of attacks and geographically. The malware to ATMs was uploaded from either an optical disc drive or a USB drive. The malicious program was activated by entering the code from the PINpad or controlling it from smartphone, Arduino-based devices at certain periods.
Software protection tools from cyber-threats and hacker attacks based on the principles of ‘white lists’ of programs proved to be reliable for ATM security against such attacks. It eliminated the possibility of launching malicious programs on the ATM that could not be detected by classical antivirus tools and device monitoring.
In 2015 the first attack conducted with the processing of the bank itself on self-service terminals was recorded. Payment terminals were attacked. The malware emulated depositing money in a cash acceptor and then carried out transactions on transferring money from the bank account to electronic money wallets of various payment systems and other bank accounts controlled by frauds. These attacks have been called ‘Virtual cash acceptor’. The attackers had learnt features of payment applications and internal mechanisms that were used in the attack.
How to provide ATM security from cyber threats?
An effective way of protection from cyber-threats and hacker attacks which are aimed at the organization's IT infrastructure is the application of complex ATM security steps such as monitoring of processes of launch and activities of applications, applying the principles of secure software development and etc.
Specificity of ATM and payment terminal security
|Low computing power of most devices in the network. The useful life of the ATM is more than 7 years and the cost of ATMs limits the ability to replace devices more often.
|In the world, more than 90% of ATMs support Windows XP, for which the availability of security updates can be considered as optional.
|Embedded versions of operating systems recommended to use by ATM manufacturers impose limitations in terms of compatibility with the software protection products common in the corporate segment.
|It is impossible to use software protection tools based on update of anti-viruses and centralized reactive analysis and control mechanisms due to weak means of communication and expensive traffic.
How can StarForce solutions help?
|ATM security. StarForce provides protection of the ATM software environment with the specialized software protection tool based on the principles of "White Lists" and monitoring activity processes.
|ATM source code protection. StarForce also provides protection the source code of specialized software of self-service terminals against decompilation, disassembly and reverse engineering, what allows complicating analysis of the application and stopping penetration into the system.
Maintaining the integrity of ATM and control launch of applications
TPSecure protects ATMs and payment terminals against running unauthorized programs and connecting external devices.
TPSecure was developed for complex ATM security and protection of self-service terminals against internal and external threats. This means that the product allows both controlling service personnel and resisting hackers attack
There is a wide range of protection functions of TPSecure one of advantages is centralized management and monitoring of events on the device network, ease of installation and low resource consumption of implementation and operation.
TPSecure allows you to lead bank self-service terminals to the standards of PCI DSS and the Bank of Russia. It ensures reliable protection from cyber-threats and hacker attacks.
ATM source code protection against analysis and modification
Product: StarForce C++ Obfuscator
StarForce C ++ Obfuscator is designed to obfuscate (transform) the source code of the programs of bank self-service terminals and protect them against analysis and reverse engineering.
The obfuscator is highly recommended for the cases when software protection against reverse engineering is crucial. For example for software that contains DRM keys or other sensitive data that can’t be lost or modified. If it happens it causes financial and reputation losses.
One of the StarForce C++ Obfuscator’s benefits is its versatility as it can be applied to protect programs designed for any operating systems and any processors.
Other feature of the product is the support of more than 30 methods of obfuscation, which you can change to find a balance between protection, data volume and speed.