- October 27, 2017
- Posted by: Kerry Tomlinson, Archer News
- Categories: Archer News, Cyber Crime, Cyberattack, Hacking, Mobile Devices, Posts with image
Endoscopes aren’t just for medical procedures any more.
Look online and you’ll see sellers advertising small, lighted cameras on cables for all kinds of things, like checking out drains and vents or doing repairs on your car.
But one set of thieves decided they could do their own in-depth procedure — on an ATM machine, to steal cash!
Archer News Network’s Kerry Tomlinson shows us what happened.
Watch our report here:
An ATM-maker warning says crooks hijacked a cash machine with an endoscope, according to BankInfoSecurity.
The company, NCR, doesn’t say exactly where in Mexico. But the thieves drained the machine of cash.
How did they do it?
“The endoscope is very unique,” said Tripwire’s Travis Smith, who helps companies defend their ATM machines against attack.
First, he says, an ATM is a computer.
The bad guys will look for a USB port, not unlike the ones you use for changing your phone.
Those ATM USB ports should be covered, so no one can see them.
“Hopefully, it’s completely enclosed and you need a key to get in and access the underlying computer,” he said.
Thieves will often try to cut through the front of the machine to get to the ports, as you see in these Europol pictures from attacks in Europe.
Attackers cut holes in ATMs to try to steal cash from the machines. Image credit: Europol
They plug in a laptop or other device and can then load malware onto the ATM.
Here’s where the endoscope comes in.
The warning from NCR says the thieves pulled off the front of the ATM in Mexico and put the endoscope through the opening where cash comes out, BankInfoSecurity reported.
They used the endoscope to manipulate the sensors inside “to simulate physical authentication.”
And — boom — cash on demand.
“Very clever,” said Smith.
A European ATM damaged in a “black box” attack, where crooks burrowed in to plug in a laptop or other device. Image credit: Europol
Clever, but risky.
“You risk there being a security guard nearby or just passerby seeing you sticking a physical object into an ATM,” he said. “The risk of getting caught when you’re in physical presence is much higher than if you’re sitting at your desk hundreds or thousands of miles away.”
Smith says ATM thieves with more software skills will choose a different way, sneaking in to the bank’s computer network from another country, loading up malware on ATMs, then telling their over-the-border buddies to stand by.
“And they say, be at this ATM at six at night. It’s going to dispense a thousand dollars. Pick it up, keep a couple a hundred and send the rest to us,” Smith explained.
A customer takes money from an ATM in Mexico. Image credit: Archer News
The ATM maker tells banks and ATM owners to update the machines with new computer patches to address security holes when they come up.
It also asks them to protect the ATMs by putting them in a wall — instead of free-standing — or adding extra security.
Similar advice applies to you:
—Choose an ATM that’s connected to a bank or building, instead of one standing alone where thieves can mess with it more easily.
—Check the front to see if anything looks out of place or if someone has added extra parts to steal your PIN.
—Cover your PIN with your hand to protect from sneaky eyes or cameras.
Smith says there’s not much more you can do to stop an ATM attack.
Unless you see someone coming up to ATM with an endoscope.
“That would be dangerous,” said Smith, with a smile. “Endoscopes and hammers and screwdrivers are probably a huge red flag.”
An endoscope sold on line for non-medical use. Image credit: Archer News
Companies can do things like deactivate the USB ports on their ATMs when not in use, he advised.
But it is hard to keep these networks completely secure, according to Smith.
“It’s a living organism, any business and network,” he said. “One little change here that looks like it’s securing your end users at their front kiosks might expose another risk downstream.”
“It’s definitely not that easy,” added Smith. “There are so many more attackers attacking you than defenders you have to protect against.”
Main image: Endoscope for scoping drains. Image credit: Archer News