ATM Jackpotting: How to Protect Your Terminals

ATM jackpotting, a common offense overseas, is a sophisticated crime in which thieves install hardware or software at ATMs that force the machines to eject large sums of cash on demand, has recently made its way to American soil.

How Does ATM Jackpotting Work?

In order to carry out an attack of this nature, criminals physically install malware or specialized electronics to control the operations of the ATM.  Typically, the attacker inserts a USB, DVD or CD into the ATM main board and initates a reboot function by breaching the top of the cabinet, which houses a computer that controls the machine.  When the ATM reboots, it will boot to the inserted storage device, copying malware to the ATM main board. Once the malware is loaded to the computer, the thief can access the ATM from anywhere in the world and initiate a cash dispense for an accomplice to retrieve.

How to Protect Your Terminal from ATM Jackpotting

Although attacks are on the rise, Financial Institutions and Independent ATM Deployers can rest assured that the ATM industry is continually updating technology to deter criminal activity.  Similar to personal computers, as ATMs age, they can face particular vulnerabilities as new viruses are created. Often, malware exploits features on older ATMs that would not have been vulnerable at the time of manufacture.  Because malware attacks are ever-evolving, deployers must diligently remain informed on the latest technologies and services to protect their machines.

In an effort to better secure the upper cabinet of the ATM, Financial Institutions and Independent ATM Deployers can employ a few simple methods, from Joe Gagnier, Director of Service Delivery with Burroughs (1):

  1. Use unique serial numbers to identify each cabinet lock and associated key

  2. Carefully determine and limit which personnel have access to the upper cabinet

  3. Maintain a database to keep track of which terminal and location requires a specific key, and which personnel has the specific key, and

  4. Clearly document processes and procedures related to issuing and/or replacing lost or stolen keys

It is no secret that criminals commonly target ATMs in an attempt to steal customer data and access the cash stored inside.  It is up to the Financial Institution or Independent ATM Developer to ensure their terminals are running on appropriate software and are kept up-to-date with industry recommendations.

(1) Burroughs, Inc. 2018. “ATM Security and Fraud”