As physical ATM thefts continue to make headlines, a more dangerous and growing threat has emerged: coordinated cyberattacks on ATM networks. In a recent article published by ATM Marketplace, Hyosung Americas COO Nancy Daniels shared insight into the evolving nature of these crimes and what banks and operators can do to protect themselves.
According to Daniels, organized crime groups—often operating out of Eastern Europe—are targeting vulnerabilities across ATM networks, including processors, remote management systems, and switches. These attackers are no longer relying on social engineering. Instead, they’re leveraging technical exploits to manipulate ATM limits and move quickly from machine to machine in densely populated areas.
“People are pinging your domain name, searching for any kind of entrance they can find,” Daniels said. “At a network level, if you attack the server, the processor, the remote management system, then you have an opportunity to really capture a large number of ATMs.”
She also emphasized that many of the industry’s security gaps come from basic oversights—like default passwords, lack of firewalls, and leaving remote access software constantly running.
Despite the complexity of these attacks, Daniels reassures operators that prevention is possible with foundational cybersecurity practices, including:
- Changing default passwords
- Using a proper firewall
- Enabling TLS encryption
- Whitelisting ATM IPs
- Regular software updates
“If you do half of those things, you’re likely protected,” Daniels said. “It’s very basic cybersecurity.”
Read the full article on ATM Marketplace:
Protecting ATMs from Cyberattacks
