Securing an ATM or payment terminal in the center of a big city is not difficult. Internet access is always available, and teams of specialists are on hand in case of need. But it’s a different story when the device is located in the middle of nowhere, where the nearest IT expert can be a hundred miles away and the connection is patchy at best.
People in remote areas depend on ATMs being in working order — it’s an indisputable social good. For some, they are the only way to get cash or pay for services. Consequently, such devices need to be secure.
The operability of terminals and ATMs depends on having a security solution able to cope with the latest threats — in other words, a security solution that is updated regularly. Let’s take a look at what issues can arise when protecting such devices, and what features the security solution needs to deal with them.
Difficulty of access. ATMs in rural areas give new meaning to the term “remote access.” If it takes police officers an hour to get there in case of emergency, an IT worker isn’t likely to arrive any faster. Therefore, an appropriate solution must support remote administration and updating.
Weak communication. Even developed countries have settlements with no wired Internet and unstable mobile network coverage. In some places, an ATM’s only communication channel is a 3G modem that struggles to get the job done even at maximum speed. Still, transmissions of transaction data and banking software updates need to be reliable and secure, so the solution has to be able to deliver updates even over a weak channel, without overwhelming the system with traffic.
Budget equipment. The chances that a rural village will be supplied with a top-of-the-range ATM model are slim. After all, there’s no security guard to protect it, and some enterprising robber might try to, say, blow it up to get the cash inside. Therefore, a smaller community is more likely to have an old machine housing a Stone Age processor and operating system — so its security solution must be able to run on outdated hardware and protect the OS that no longer receives updates.
Seclusion. In a big city, a payment terminal or ATM is almost never installed where no one can see it. That’s no coincidence — attackers want privacy to connect an external device to an ATM. Cybercriminals don’t necessarily need access to the cash trays; they can try to steal card details or modify the system so that transfers go to a different account than the account holder intended. Therefore, the ATM’s security solution must do more than simply detect the latest malware; it must also be able to monitor changes to critical files and logs, and block the connection of external devices and the installation of third-party programs.
As you’ve probably guessed, the above is essentially a description of the latest version of Kaspersky Embedded Systems Security. Our experts have optimized the data-transfer process, making the product even easier to administer and update even over a weak communication link. And most important, the data exchange does not conflict with the basic functions of the device.
On top of that, the solution includes a new module for defeating network attacks. The module manages incoming and outgoing traffic, and it can block the exchange of data if it spots malicious network activity. It can also detect scanning of ports, brute-force attacks, and attempts to disable an ATM through a DoS attack. You can read more about the solution’s capabilities on its official page.