U.S. banks are increasing ATM security following a warning from the Federal Bureau of Investigations about new potential threats. “The FBI routinely advises private industry of various cyber threat indicators observed during the course of investigations,” Lauren Hagee, an FBI spokesperson said. “This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”
The new potential threat involves breaching software to alter how much cash can be withdrawn from an ATM machine. A cash withdrawal breach can occur in a bank’s system, known as a “cash-out” or in the ATM’s system, known as “jackpotting.” Cash-outs require a software breach at the bank level, and then the use of fake debit cards to withdraw the cash. Jackpotting requires scammers to install malware on the computer that governs the cash dispenser to tell it to release all of its cash. This usually means physically breaking into the machine. Both methods differ from most cybercrime in that they require in-person access to the machine.
The FBI’s warning is the latest challenge for banks as they work to protect themselves against physical and cyber attacks. Bank executives have been boosting cybersecurity budgets as the business gets increasingly digital, and consumer data becomes more vulnerable to more kinds of attacks.