We have entered a new era of active and sophisticated malware attack from sophisticated code-literate cybercriminals. New risks from their increasingly well-researched activities include side channel attacks and offline attacks that occur when your machine is not running and while protection may not be available. There is protection available but it doesn’t provide all the answers.
It may appear that the above is a hypothetical solution that can only occur under a very specialized set of circumstances. In fact it is already happening and a good example can be found in the spate of “jackpotting” attacks seen in the US and elsewhere.
You can find more on these attacks in other thought-leadership articles from KAL but an important and familiar aspect on the use of the malware is how it is initially installed on the ATM. It appears that the malware can only be used on ATMs that have no security protections or where the security protection has not been enabled. In order for the malware to be successful, it requires access to a keyboard port (e.g. PS/2) and/or access to a USB port. As the malware would need to be installed inside the ATM runtime environment, it would be necessary to have physical access as above, and the USB ports would need to be left unlocked for mass storage devices; likely via an unlocked USB port. Once installed, the malware has to install itself and run on the ATM. (Although we should note that this would not be possible on ATMs protected with whitelisting technology as recommended by KAL.) So as we can see the vulnerabilities of a machine described before are already being exploited by cyber criminals.
Due to the nature of our product and services, we only deal with legitimate businesses.
Enquiries will be validated carefully before shipping a sample.