What is ATM Jackpotting?
To be acquainted with protecting any ATM, one first needs to know the latest trends,techniques, and defenses. ATM jackpotting is when hackers install malicious software on ATMs for the the machines to dole out money without any PIN requirement. For this, the thieves first gain physical access to the ATMs just like anyone else and install electronic equipments to start with their so-called art. The malware can either be from a mass storage device which sends a signal to the ATM to dispense cash or a separate dispenser (the one with malware) can be attached to the ATM by disconnecting the original dispenser.
What are the type of Jackpotting?
Jackpotting has basically two types- malware and black box.
1. The malware method can be from a mass storage device which sends a signal to the ATM to dispense cash. The malware can even be installed days before the actual crime occurs. In the meantime, the ATM dispenses cash normally.
2. The Black Box method can be a separate dispenser(the one with malware) which can be attached to the ATM by disconnecting the original dispenser. The criminals drill out the serial ports in the ATMs in the facia thereby hijacking the EPP cable which then sends commands to spit out cash.
Where did ATM jackpotting origin?
Jackpotting dates back to 2013, when the first attack occurred in Mexico and which slowly spread to other countries. Once successful, jackpotting finds the next weakest link. Coming to the United States of America, jackpotting has been targeted to standalone ATMs. It has popped up in New England and the Pacific Northwest. Jackpotting might seem appealing to criminals in the US due to the higher rate of currency than any other country.But the risks involved with getting caught are very high.
What has made jackpotting easy?
There isn’t one particular answer that can explain this trend of new crime. Like any other crime, hackers find financial fraud cyclical. By targeting a region where law enforcement is not as robust, the attackers take advantage of the ease of entry. When one region is locally attacked, they try to move around globally before being exposed to law enforcement.
Are certain ATM brands more vulnerable to these attacks?
In no case are certain models/types more vulnerable to attacks than others. Law enforcement ought to have the best practises for such scenarios based on the locations of the ATMs.
Should consumers be worried?
As per the reports, consumers should NOT be worried. The attack in no way affects the consumers’ information or personal funds. The concern should be on the possibility of future access. With rumors circulating about hacks and reports of money theft, this may lead to a dangerous situation where the malware lies dormant, preparing and growing for even bigger attacks.