Top Security Threats Facing Bank ATMs and the Importance of Endpoint Security

ATM security

ATMs serve as an extension of your branch, providing your customers with easy access to their accounts and balances, while serving as a form of outreach within your community, marketing your services and spreading your name. Ensuring that your ATMs are safe, well-maintained, and functional is not only important in showcasing the quality and accessibility of your services, it’s also important for the safety and security of both current and potential customers.

According to the FBI’s most recent bank crime statistics in 2022 and 2021, ATMs are one of the most vulnerable areas in banking for physical theft. Ever-evolving cyber-attack, from jackpotting to cash-out fraud, present additional modern risks that banks must also increasingly address. 

In this post, we’ll explore some of the most pressing security threats facing ATMs, including both physical and digital security risks. We’ll also explore crucial methods you can use to enhance security and protect your customers, assets, equipment, and reputation. 

Security features

Physical ATM Security Threats

ATMs and ITMs can provide customers with physical access to bank services and cash—without setting foot in a physical branch. When placed in bank lobbies and drive-thrus, they can also act as an effective expansion of operating hours. However, because they are not physically manned, they can provide unique opportunities for criminals to access customer data and currency. Let’s take a look at a few of the physical security risks that may be associated with ATM operation. 

ATM Skimming

ATM skimming remains a significant security threat to both customers and financial institutions. With skimming, criminals attach devices to ATMs to steal card information, PINs, and other account and personal data that customers may enter at the ATM.

When many individuals think of ATM scams, they usually consider devices inserted in card readers designed to grab card numbers. However, there are a variety of tactics and devices that criminals can use to steal information. These also include:

  • ATM Shimmers: Devices that catch and retain actual cards.
  • ATM PIN Pad Overlays: Slim keypad replicas that are installed over ATM keypads, recording every button pushed.
  • Hidden Cameras: Pinhole cameras hidden in brochure holders and small attachments to ATMs, designed to capture PINs and card numbers.

While these devices are continuously evolving to be harder to detect while capturing more data, it is possible to stay ahead of them through ongoing monitoring—the most effective ATM skimming protection. As we write in our post, ATM Card Skimming Device Detection – How to Spot & Avoid, “Regular monitoring and maintenance of ATMs/ITMs is paramount to the safety of individuals and financial institutions against criminal activity such as credit card skimming, theft, identity fraud, and more.”

Physical Attacks

Stealing card and bank account information is an indirect form of ATM theft. But sometimes criminals can be less creative, attempting to break into the ATM to steal cash—or even stealing the ATM itself.

Thieves may “ram-raid” ATMs, plowing heavy vehicles into the machine in order to smash their way to the currency inside. They may also utilize explosives to a similar effect, blasting into the internal safes. Lastly, they might employ the use of heavy equipment like tow trucks (often stolen) to drag ATMs from their locations, or forklifts to lift them from their foundations, absconding with the machine. Not only do they get away with cash, but they can also leave significant destruction of surrounding property in their wake. Drive-up island ATMs are especially targeted for Hook and Chain robberies, where tow chains are hooked to the door of the inner ATM safe, then dragged out by a vehicle. See a video of a hook and chain robbery in action. ATM gates, seen below, can help prevent this type of ATM theft.

ATM gates

Unfortunately, many of these physical attacks involve customers and employees—not just equipment. Regionally, ATM robberies have made the news recently, with incidents of customer hold ups and employee attacks highlighting a growing trend in violent ATM theft. Following best practices for ATM placement and using skilled and trained technicians to replenish ATMs are two ways to reduce these occurrences. 

ATM Cybersecurity Threats

Even though ATMs offer real-world services akin to visiting a physical branch, today’s machines are equipped with extensive digital infrastructure, functioning as a cross between a physical branch and a remote account access portal. 

This technology can provide users with the most detailed and accurate account information and financial institutions with efficient and constant monitoring abilities—as well as remote update capabilities that provide the latest ATM software security features. However, this interconnectedness can also leave ATMs susceptible to criminals from afar through remote cyber-attacks.

Malware Attacks

The installation of malware—malicious software—is a common way for cyber criminals to both remotely access sensitive data and steal actual cash. Malware can affect ATMs directly, being downloaded onto the computer directly through devices (like USB sticks) or remotely through corrupted software patches. ATM malware attacks can achieve many results for criminals, from discharging all cash in the machine (also called “jackpotting”) to recording customers’ keystrokes on PIN pads. And because ATMs are connected through networks, this Malware can even spread to other machines.

Network-Based Attacks and Cloud-Based Attacks

Cybercriminals may also mine ATM data by gaining access to a financial institution’s network or cloud storage—often achieved through phishing attacks. Once hackers have access to a network, they may be able to obtain sensitive information, including debit card numbers and PINs. They may also cripple systems with ransomware, demanding cash payments for the return of sensitive files or reinstated access to ATM networks. Recently, Cloud Coin, a now-bankrupt Bitcoin ATM startup, suffered a data breach that “resulted in the unauthorized exfiltration of 70,000 customer selfies, captured through the ATMs’ integrated cameras.” Because ATMs access and utilize a wealth of sensitive data, ATM network security is an integral component of consumer protection. 

Insider Threats

While many ATM security threats originate from outside sources, it’s important to recognize in-house vulnerabilities, too. Insider threats in banking can be especially challenging to detect since security technologies often can’t distinguish between legitimate and malicious activities on authorized accounts.

Internal fraud is common, accounting for 57% of all fraud in companies. It is also something that can be managed with foresight and ingenuity.  Outsourcing ATM management to outside insured industry professionals like Shields can greatly mitigate the risk of your financial institution being compromised by an internal threat, including disgruntled employees and individuals who have become familiar with potential security vulnerabilities. 

ATM security

The Importance of Endpoint Security

The endpoint or entry point—the places where customers and employees gain access—can be the most vulnerable part of any organization’s data systems. ATMs, standalone devices that by nature have unfettered public access, are a prime example of an endpoint vulnerability financial institutions face. 

While thieves’ techniques may evolve, utilizing the right ATM management approach that incorporates the latest best practices and security measures can be an effective way to reduce susceptibility to both currency and data theft.

What does ATM endpoint security entail? Examples include:

  •  Application Control and Patch management Zero-day protection against malicious attacks
  •  Centralized policy management
  •  Windows firewall management
  • Password Management
  • Hard Drive Encryption

Additionally, utilizing services that provide highly trained professional maintenance, cash transit, and replenishment can reduce threats to customers, financial institutions, and to and from employees. Shields’ products and services use the highest security standards in the industry, helping to mitigate the risk of financial loss and criminal interference by detecting potential skimming equipment quickly and ensuring that ATMs are secure, well-maintained, and fully-functioning. 

ATM Endpoint Security is a “Must Have” for Financial Institutions looking to secure the customers’ data.

Enhance Your ATM Security: Trust Shields Business Solutions for Advanced Protection

We know that ATM cyber and physical security is a top priority for financial institutions, protecting customers, employees, equipment, and assets. As a leading provider of ATM/ITM solutions in the Northeast, Shields Business Solutions offers comprehensive solutions to mitigate operational risks and ensure robust ATM security. 

To learn more about how Shields can safeguard your ATM/ITM and cash operations, schedule a free consultation. And for more valuable industry insights, subscribe to our blog.