Whitepaper: EUROPOL Logical Attacks on ATM's

This document describes how a financial institution may mitigate against logical attacks on ATM machines. A logical attack on an ATM is a sophisticated attack with a planned set of actions to gain access or compromise ATM machines. These attacks may include attaching hardware devices like card skimmers, or may have multiple steps such an attached USB to deliver sophisticated malware to the underlying operating system or banking software.

What is a logical ATM attack?

  • Offline attack: occurs when a system is not running or may be conducted by connecting a notebook, netbook, or minicomputer such as Tiny USB or Raspberry Pi to an ATM in an Effort to run their own operating system on the ATM Hardware.
  • Online attack: can occur when the ATM is in operation and exposes some Hardware or ability to easily gain physical access to the ATM structure or machine. Allowing the attacker to connect a USB stick, SD card or other method to deliver malware, modified software, virus, skimming software or key loggers onto the host ATM machines.