ATMs need quarantines too!

How we optimized our solution for ATM protection, and why.

I take more than a hundred flights in the average year. Usually traveling with companions, I fly all around the world — and while we’re abroad, we pay by card or phone, mostly with contactless services such as Apple or Google Pay, practically everywhere. In China you can even use WeChat to buy fruits and vegetables from grannies at markets. And the current coronavirus pandemic has only made the use of virtual money more popular.

At the other end of the spectrum, you get the odd surprise: In Hong Kong of all places, taxis take cash — only — and just last year, I ate in two Frankfurt restaurants that required cash. What?!! Instead of enjoying our post-dinner brandy, we had to go on a long search for an ATM and withdraw euros. The humanity! (Question: Am I missing inconvenient travel surprises these days? Answer: So much!)

Anyway, all this just goes to show that despite progressive payment systems being in place all around the globe, good old ATMs won’t be going away anytime soon.

So, what am I driving at, here? Of course, cybersecurity!

ATMs mean money. They’ve been hacked; they’re still getting hacked; and they’ll continue to be hacked. Indeed, the hacking is only getting worse: Our research indicates that the number of ATMs attacked by malware more than doubled from 2017 to 2019.

So, can ATMs be monitored constantly, inside and out? Actually, no.

You can still find plenty of ATMs with very slow connections — on streets, in stores, in subway and metro stations, and scattered around lots of well-trafficked and out-of-the-way spots. Some of them have barely enough bandwidth to manage transactions, let alone to keep an eye on what’s going on around them.

Given the lack of monitoring, we stepped in to fill the gaps and improve ATM security. We applied the best practices of optimization (something we can claim mastery of — with 25 years of experience but no false modesty), and also radically reduced the amount of traffic needed for our dedicated immunization against ATM threats — Kaspersky Embedded Systems Security.

Kaspersky Embedded Systems Security user interface

Get this: its minimum Internet connection speed requirement is … 56 kilobits per second. I had a 56K dial-up modem in 1998!

The average speed of 4G Internet today in developed nations is 30,000 to 120,000 kilobits per second. And 5G promises 100,000,000-plus kbps (that is, if people don’t destroy all of the towers before then). But don’t let prehistoric Internet speeds fool you; the protection couldn’t be better. Indeed, many an effective manager could learn a thing or two from us about optimization without loss of quality.

How Kaspersky Embedded Systems Security protects ATMs

In addition to existing functions, here’s the new stuff. Kaspersky Embedded Systems Security can now block:

  • The ports that cybercriminals use for their attacks after scanning for virtual entry points on the ATM to find the most vulnerable;
  • Brute forcing — one of the simplest and most popular ways of finding out a password. The attackers use software to test possible combinations and, alas, often get in;
  • DoS attacks and exploits. If the crooks do connect to an ATM, they proceed to throw so much data at it that the ATM’s hardware simply can’t cope. That’s why they’re called DoS attacks — Denial of Service — they simply force the target to stop providing service.

Now for a bit of showing off. Large banks are using Kaspersky Embedded Systems Security on thousands of ATMs all around the world, as do a great many transportation companies and retail giants. Accordingly, you can expect a reduction in the number of news items about hacked ATMs very soon.

Still have questions? Head on over to our Kaspersky Embedded Systems Security product page.