Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

EU Authorities Fight Back Against “Black Box” ATM Attacks

Europol has announced that a total of 27 related arrests have been made since the ATM black box threat first emerged in 2015. Eleven arrests have been made in France, four in Estonia, three in the Czech Republic and Norway, and two in The Netherlands, Romania and Spain.

Europol has announced that a total of 27 related arrests have been made since the ATM black box threat first emerged in 2015. Eleven arrests have been made in France, four in Estonia, three in the Czech Republic and Norway, and two in The Netherlands, Romania and Spain.

A black box attack is a logical attack against cash dispensers. It requires gaining access to the inner workings of the machine, usually, notes Europol, “by drilling holes or melting.”

Once access is achieved, the cash dispenser is disconnected from its core working, and connected instead to the hacker’s own electronic device — the so-called black box. The attacker then simply issues the necessary commands to empty the cash dispenser; an act known as ‘jackpotting’, which bypasses any need for a card or transaction authorization.

Since a black box attack simply empties the whole machine, rather than attempting to extract available cash from an individual account, a single successful attack can potentially steal hundreds of thousands of Euros.

According to Europol, black box attacks have increased dramatically. It quotes a recent report from the European ATM Security Team (EAST) which reports 58 such attacks in 2016 compared to just 15 in 2015. In reality, however, the majority of attacks fail. Although the attacks increased, the related losses fell by 39% from €0.74 million to €0.45 million.

EAST attributes this fall largely to its own work. “While the rise in ATM black box attacks is a concern,” said executive director Lachlan Gunn, “we are pleased to note that many of these attacks were not successful. In 2015, to help the industry counter such attacks, our EAST Expert Group on ATM Fraud (EGAF) worked with Europol to produce a document entitled ‘Guidance & recommendations regarding logical attacks on ATMs’.”

EAST will be leading a breakout session discussing black box attacks at the third global Financial Crime & Security (FCS) Forum, being held in The Hague on 8th/9th June 2017.

Despite the potential for high value individual attacks, black box attacks are rare in comparison to other ATM-related attacks. “ATM related fraud attacks increased by 26%, up from 18,738 in 2015 to 23,588 in 2016,” reports EAST. “This rise was mainly driven by a 147% increase in Transaction Reversal Fraud (up from 5,104 to 12,581 incidents). The downward trend for card skimming http://www.securityweek.com/cybercriminals-developing-biometric-skimmers-atm-attacks continues with 3,315 card skimming incidents reported, down 20% from 4,131 in 2015. This is the lowest number of skimming incidents reported since 2005.”

Advertisement. Scroll to continue reading.

Overall, actual fraud-related ATM losses increased only marginally — up by 2% from €327 million in 2015 to €332 million in 2016.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.