#4 Attacks in the past have required malware to somehow be delivered to the ATM or to have physical access to the ATM.
In the former scenario, attackers (same group that hit the DNC by the way) hit several Russian banks to cause the ATMs to spew out money at specific times and their mules would collected it then. They gained access as a couple of the regular networked PCs had full access to the ATMs and when they were infected, the ATMs were exposed to attack.
The other example involved a vendor swapping out infected hard drives on the ATMs so attackers could gain access that way. Some ATM locks are so bad you can pick them with a paper clip and people can get to the electronics (the money is still in a different locked safe inside) and hack the system then.
|