Most global banking organisations now undertake an ATM security review on a periodic basis. The quality of the outcome depends largely on the competency, skills, knowledge and experience of the individuals who perform the review.
Below is a checklist intended to make such reviews more consistent and thorough; working through it can also improve the skillset of those charged with the task.
1) Status of hardening of the operating system used on the ATMs in the network.
2) Status of policies and controls designed to protect self-service machines against unauthorised software installation (such as host-based intrusion prevention, complementing the application whitelisting in item 10).
3) Status of encryption of traffic between the ATM and the host, and whether any legacy unencrypted protocol is still in use.
4) Status of the optical security guards (optical sensors, e.g. those that detect foreign objects on the fascia or card reader).
5) Status of user authentication controls for operator, supervisor and maintenance access.
6) Status of protection against hijacking of the ATM control and authorisation systems. An attacker who gains access to these systems can take control of almost all ATM functions, including account balances and withdrawal limits, and can manipulate specific ATMs in the network.
7) Status of protection of data confidentiality for user-related information exchanged over the ATM network (card data, PIN blocks, account details).
8) Status of protection of data integrity of messages between the ATM and the host. The integrity service ensures that exchanged data arrives unaltered and in order, so that insertion, deletion, modification or replay of messages is detected (for example with a message authentication code and sequence numbers).
9) Status of protection against PIN cracking attacks (for instance limits on PIN retries, and ensuring the PIN is only ever handled in encrypted form outside the EPP).
10) Status of firewalls deployed in the ATM network and of application whitelisting on the ATMs.
11) Status of USB device whitelisting arrangements (only approved devices, such as authorised maintenance tools, can be attached).
12) Status of the malware protection mechanism installed across the ATM network.
13) Whether the BIOS is configured to prevent booting or auto-running software from USB sticks and CD/DVD drives (boot order locked to the internal drive).
14) Status of BIOS password protection, so that settings cannot be changed without proper authorisation.
15) Access protection for the Windows desktop on the ATMs (the ATM application should run locked down, with no route from the customer screen to the desktop), and status of the password management policy.
16) Protection against ATM hacking efforts. Attackers use sophisticated techniques to break into web applications hosted on a financial institution's network and, from there, pivot to internal systems to locate the ATM or card database and collect card information that can later be used to create duplicate cards. The term hacking is also commonly used for attacks against card processors and other components of the transaction processing network.
17) How secure remote key loading is implemented for ATM encryption keys, so that keys do not have to be entered via the ATM supervisor or administrator keyboard.
18) Protection against black box attacks on ATMs. Black box is the term commonly used for technically sophisticated electronic devices attached directly to an ATM (typically to the cash dispenser or its communication port) to let the perpetrator exert control over ATM functions, such as issuing dispense commands. Protection against related physical attacks on the card slot, such as skimming and card trapping, should be reviewed under the same heading.
19) Status of protection of secure card readers (SCRs).
20) Security arrangements around the EPP (Encrypting PIN Pad).
21) Status of controls designed to prevent unauthorised modification of the ATM software configuration.
22) Status of segregation of functions and effective segregation of duties (for example between those who load keys, those who service the machine and those who administer the host).
23) Status of security of the ATM's communication interface(s).
24) Status of tamper-protection arrangements (e.g. tamper-evident seals and tamper alarms).
25) Status of patches applied across the ATM network (operating system, ATM application and middleware).
26) Status of physical security controls implemented for ATMs.
27) Status of compliance with the latest applicable PCI standards (such as PCI DSS, PCI PIN, and PCI PTS for the EPP).
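Items 3, 7 and 8 (encryption and integrity of ATM-to-host messages) are easiest to assess with a concrete picture of what the integrity service has to catch. The following Python example is added here for illustration and is not code from the original article or from any ATM vendor: it models an ATM and a host exchanging frames protected by an HMAC-SHA256 tag over a sequence number and the message body, with a separate key per direction, and then shows a modified amount, a replayed approval and a dropped frame each being rejected. The session key, the JSON message format and the tamper_amount helper are assumptions made for the demonstration; encryption of the body (item 7) is left out so the integrity checks stay visible, and a real deployment relies on PCI-compliant key management rather than a fixed key.

```python
import hashlib
import hmac
import json
import struct

MAC_LEN = 32  # length in bytes of an HMAC-SHA256 tag


class IntegrityError(Exception):
    """Raised by the receiver when a frame fails its MAC or sequence check."""


def derive_direction_keys(session_key: bytes):
    """Derive one key per direction so a host frame can never be reflected
    back to the host as though it came from the ATM (assumed derivation)."""
    k_atm_to_host = hmac.new(session_key, b"ATM->HOST", hashlib.sha256).digest()
    k_host_to_atm = hmac.new(session_key, b"HOST->ATM", hashlib.sha256).digest()
    return k_atm_to_host, k_host_to_atm


class Endpoint:
    """One side of the link. Frame layout (assumed): seq(4) | body | tag(32)."""

    def __init__(self, send_key: bytes, recv_key: bytes):
        self.send_key, self.recv_key = send_key, recv_key
        self.send_seq = 0    # next sequence number we will send
        self.expect_seq = 0  # next sequence number we expect to receive

    @staticmethod
    def _tag(key: bytes, seq: int, body: bytes) -> bytes:
        # The tag binds the sequence number to the body, so neither can be
        # changed, and no frame can be moved, without invalidating it.
        return hmac.new(key, struct.pack(">I", seq) + body, hashlib.sha256).digest()

    def seal(self, msg: dict) -> bytes:
        body = json.dumps(msg, sort_keys=True).encode()
        seq = self.send_seq
        self.send_seq += 1
        return struct.pack(">I", seq) + body + self._tag(self.send_key, seq, body)

    def open(self, frame: bytes) -> dict:
        if len(frame) < 4 + MAC_LEN:
            raise IntegrityError("truncated frame")
        (seq,) = struct.unpack(">I", frame[:4])
        body, tag = frame[4:-MAC_LEN], frame[-MAC_LEN:]
        # Constant-time comparison; a failed MAC means modification or forgery.
        if not hmac.compare_digest(tag, self._tag(self.recv_key, seq, body)):
            raise IntegrityError("MAC mismatch (modified or forged frame)")
        # A valid MAC with the wrong sequence number means replay, insertion
        # or a frame missing from the stream.
        if seq != self.expect_seq:
            raise IntegrityError(
                f"sequence error: expected {self.expect_seq}, got {seq} "
                "(replay, insertion or dropped frame)")
        self.expect_seq += 1
        return json.loads(body)


def make_pair(session_key: bytes):
    """Return (atm, host) endpoints wired with opposite direction keys."""
    k_a2h, k_h2a = derive_direction_keys(session_key)
    return Endpoint(k_a2h, k_h2a), Endpoint(k_h2a, k_a2h)


def tamper_amount(frame: bytes, old: str, new: str) -> bytes:
    """Attacker on the wire rewrites the amount inside the JSON body."""
    return frame.replace(old.encode(), new.encode())


def run_scenarios() -> dict:
    # Constructed sample session key; in production it comes from the
    # key-management scheme (e.g. loaded via RKL), never a fixed value.
    session_key = bytes(range(32))
    results = {}

    # 1. Clean request/response round trip.
    atm, host = make_pair(session_key)
    req = atm.seal({"type": "withdrawal", "card": "************1234", "amount": 100})
    msg = host.open(req)
    resp = host.seal({"type": "auth", "approved": msg["amount"] <= 500})
    results["clean"] = atm.open(resp)["approved"]

    # 2. Modification: amount rewritten in transit, so the MAC no longer matches.
    atm, host = make_pair(session_key)
    req = atm.seal({"type": "withdrawal", "card": "************1234", "amount": 100})
    try:
        host.open(tamper_amount(req, '"amount": 100', '"amount": 900'))
        results["tamper"] = "accepted"
    except IntegrityError as e:
        results["tamper"] = str(e)

    # 3. Replay: a captured approval is delivered to the ATM a second time.
    atm, host = make_pair(session_key)
    host.open(atm.seal({"type": "withdrawal", "card": "************1234", "amount": 100}))
    resp = host.seal({"type": "auth", "approved": True})
    atm.open(resp)
    try:
        atm.open(resp)
        results["replay"] = "accepted"
    except IntegrityError as e:
        results["replay"] = str(e)

    # 4. Deletion: a frame is removed from the stream, so the next one is ahead.
    atm, host = make_pair(session_key)
    atm.seal({"type": "status", "cash_level": "low"})  # never reaches the host
    second = atm.seal({"type": "withdrawal", "card": "************1234", "amount": 50})
    try:
        host.open(second)
        results["drop"] = "accepted"
    except IntegrityError as e:
        results["drop"] = str(e)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

A reviewer can use the same four cases as test vectors against the real protocol: if the host accepts a frame with a rewritten amount, a replayed authorisation or a gap in sequence numbers, item 8 fails regardless of what the documentation says. Note that the sequence check only works if the counter is reset together with the session key; reusing a key across sessions with counters restarting at zero reintroduces replay.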
Focusing review activities on the above areas will help organisations keep pace with the dynamic ATM threat landscape.