Protecting ATMs was never easy. Now it’s downright hard.
Since the inception of the self-service banking channel, ATMs have been at constant risk of attack. While we still worry about physical attacks intended to penetrate ATM safes, attacks have increasingly become more advanced—and subtler—in recent years.
In general, as risks have evolved at the self-service channel, monitoring its security has become not only more important, but also more complex. Beyond new threat vectors emerging, there are more interconnected channels as well as varying defensive considerations required for self-service fleets comprised of multiple generations of ATMs from multiple manufacturers.
Reacting quickly to any kind of attack is imperative to stop attacks and catch attackers in the act, especially as many employ hit-and-run tactics or the quick installation and removal of fraudulent devices. A quick reaction speed can limit losses, make arrests more likely and even discourage attacks from the start.
We all see the problem, but how best to solve it?
Thanks to advances in cyber threat protection at the platform software layer, the newest generation of ATMs is capable of detecting events that can be considered irregular behavior at the system level. This can protect against attacks like jackpotting, for example, by correlating different events based on pre-defined rules and reacting accordingly depending on pre-defined protocols. This is especially effective if combined with an advanced alarm board that functions as the “nerve center” or central interface for all security devices and sensors in the ATM. It collects and logs critical information before passing it along to an external alarm system or the ATM’s host processor.
To ensure a higher level of security, safeguard the systems and control user actions as well as access information, financial institutions can install software that reduces the attack surface and minimizes the threat potential. Financial institutions who wish to take their security monitoring one step further should consider installing advanced monitoring software that has access to the ATMs’ security status through various map and chessboard views. A program such as this manages the device information in hierarchies and groups them for a better overview of the fleet. For example: It might detect an abnormal transaction. Depending on the protocols in place it can then trigger an ATM shutdown as well as an alarm to the security service that could also shut down the ATM remotely and create a ticket. Such an incident would then be logged in the management information and used for further process improvement.
However, it’s simply not realistic for many financial institutions to self-manage all of this. As one VP of Operations in a North American retail bank recently said, “[ATM security] is getting bigger than we can handle.” More and more retail banks and credit unions are finding that the best route to alleviating the stress of monitoring their self-service fleet is to stop thinking about it altogether. They’re choosing to outsource responsibility for self-service security to experts that specialize in deterring, detecting and dealing with ATM attacks around the world.
Instead of hiring expensive, hard-to-find security professionals and dedicating resources and time to identifying and managing the necessary defensive upgrades to resist evolving attacks, financial institutions rely on industry professionals who do it every day. In the process, they benefit from:
Access to a 24x7 Secure Operations Center (SOC), monitoring, threat response, audit/reporting support and consultation.
Insights from specialists who are at the forefront of threat mitigation across the industry and know how to proactively minimize risk.
How can Diebold Nixdorf help? While all our ATMs are equipped with an anomaly detection engine (ADE) and highly effective alarming solutions, this is just the basics of what we can offer. Our Vynamic® Security and Vynamic View software solutions are market-leading in the security space. Or, if you don’t wish to handle your security monitoring on-premises, we can help you secure your self-service channel through our DN AllConnect Security Management Services
SM.
What makes sense for you?
Every financial institution’s situation is different. If you are wondering whether internal or external management of your self-service security makes the most sense for your organization, reach out. We are happy to talk it through with you. Whatever you do, make sure someone is keeping a close eye on your fleet—the risks are just too high these days to simply hope nothing goes wrong.
Monitoring your ATM fleet for security issues is an important part of your overall security strategy. There are additional steps you should consider taking to improve the security of your self-service fleet further. If you’d like to find out more download our guide on the 7 shields to protect the self-service channel.
Download 7 Shields to Protect your Self-Service Channel