• ENEN
    • IT IT
    • FR FR
    • DE DE
    • ES ES
PARTNER LOGIN
  • ENEN
    • IT IT
    • FR FR
    • DE DE
    • ES ES

Auriga

  • COMPANY

    • About Us

    • Auriga History

    • Group

    • Our Values

    • Our Network

      • Partnerships

      • Certifications

      • Suppliers

    • CSR (ethical code)

      • CSR – Corporate Social Responsibility

  • BANKING

    • Overview

    • Needs

      • Channel Integration

      • Monitoring network

      • Marketing & Customer Relations

      • Accessibility of banking service

      • Corporate Banking

      • Banking Data Analysis

      • Branch of the Future

    • Products and Solutions

      • Shared Services

        • WinWebServer Architecture

        • Proactive Network Monitoring

        • One to One Marketing

      • ATM / Kiosks

        • WWS ATM

      • Internet / PC

        • WWS PC

      • Mobile Banking and Payments

        • WWS Mobile

      • Electronic payments

        • MyBank

      • Bank Marketing & Digital Signage

        • WWS One to One OMNIA

        • WWS Signage

        • WWS Perfect

        • WWS RSS Feed

        • WWS Simply Feed

      • Network Monitoring & Fraud Management

        • WWS Proactive Monitoring Manager

        • WWS Fraud Management System

        • WWS Simply Check

      • Call Centre

        • WWS Help Desk

      • Cash Handling

        • WWS Cash Handling

        • WWS Cash Management

      • Digital Invoicing and Document Management

        • WWS e-Invoicing

      • Branch

        • WWS Fill4Me and Bank4Me

        • WWS Greæter

        • WWS Customer Management

      • Business Analytics

        • WWS Business Analytics Management

        • WWS Asset Management

      • Cyber Security Platform

        • Lookwise Device Manager

  • NEWS & MEDIA

    • News

    • Press Release

    • Press Review

    • Blog

    • Videos

  • RESOURCES

    • White Papers

    • Customer stories

    • Research

    • Brochures

  • CONTACT

    • Contact us

  • CAREERS

    • Work for Us

    • Online application

    • Job vacancies

Blog

  • Home
  • News & Media
  • Blog
  • Cyber-attacks on Banks: Q&A with Elida Policastro, Regional VP – Cybersecurity Division at Auriga
Cyber-attacks on Banks

Cyber-attacks on Banks: Q&A with Elida Policastro, Regional VP – Cybersecurity Division at Auriga

09 June 2020 / Blog

If you haven’t already heard the great news, back in April, Auriga successfully completed its acquisition of the award-winning ATM cybersecurity solution, Lookwise Device Manager (LDM).

LDM is a modular security platform developed by a cybersecurity business unit previously integrated in S21sec, a leading European managed security services player, part of corporate venture capital firm Sonae IM’s portfolio.

Following this exciting step in Auriga’s development, we sat down with our new colleague, Elida Policastro, Regional VP – Cybersecurity Division at Auriga, to discuss the current cybersecurity landscape for banks and ATMs.

1. How would you describe the current state of cybersecurity in banking and, in particular, ATMs?

Cyber-attacks against ATMs, and the systems that control ATMs, such as central servers, are clearly a very pressing and growing threat worldwide.

Some forms of cyber-attacks result in the theft of personal data, such as account numbers and pin codes. However, these types of attacks still require further efforts to convert the data into money, so a much more attractive proposition for ATM cyber-criminals is to obtain the cash directly from the ATM they have targeted.

‘Jackpotting’ ATM attacks, which are made possible via ATM malware such as Ploutus, involve exploiting physical and software-based vulnerabilities to trick the ATM into dispensing cash, and are popular as they provide an immediate reward. Financial institutions around the world have lost millions to jackpotting in the last five years alone.

In fact the Ploutus family of ATM malware first discovered in Mexico in 2013, has generated losses of over 450 million dollars (approximately 398 million Euros) globally.

2. In your opinion, why do you think cyber-attacks on banks and ATMs are on the rise?

Cyber-criminals have realised that ATM networks are often one of the weakest links in a bank’s security infrastructure. One of the main reasons is that there is a lot of legacy hardware and software in ATM networks because it is so expensive and difficult to update.

Unfortunately, this means these systems are likely to be insecure. Many ATMs are still on Windows 7 or are in the process of migrating to Windows 7, which Microsoft no longer supports, meaning Windows 7 users are vulnerable to attacks as they will no longer receive updates from Microsoft protecting them from new threats.

We estimate around 40% of ATMs around the world are running an even older operating system (OS) that hasn’t been supported by Microsoft since 2014, Windows XP, making those machines even more vulnerable to breach.

Apart from the OS vulnerabilities, one of the main attack vectors on ATMs is the XFS layer, the standard interface designed to allow multivendor software to run on manufacturers’ ATMs and other hardware. The XFS layer uses standard APIs to communicate with self-service applications.

However, there is no automatic authentication process that comes with it, so criminals are able to exploit this vulnerability.

Cyber-criminals deploy malware onto hardware devices such as ATM cash dispensers to prompt ‘cash out’ commands and dispense cash, the card reader to steal card numbers and the pinpad to learn pin numbers, making the XFS layer a very attractive target.

3. How can banks protect themselves against cyber-attacks?

When it comes to cash machines, generic endpoint protection technology, such as anti-malware solutions are not enough, as such technologies are designed to protect PCs and laptops. ATMs are critical infrastructure devices – they cannot really be taken offline for any amount of time to reboot them like with a mobile device.

ATM networks and systems need to be available 24/7, 365 days a year, and so require greater protection and a different approach.

Auriga’s solution, Lookwise Device Manager is specifically designed as a centralised security solution that protects, monitors and controls ATM networks. It’s a tool financial institutions could use to manage the whole ATM network in one place, preventing malware attempts or fraudulent activities on infected ATMs.

4. What are examples of protection that Auriga’s solution, Lookwise Device Manager, provides?

There are several layers of protection LDM offers in a single platform, fully covering all types of cyber-attacks which could appear.

Application whitelisting

One is application whitelisting, the layer that limits which software can be used in an ATM.

Not all are the same – you could have whitelisting designed to work on generic networks, and another form of whitelisting for critical systems like ATMs based on the creation of a minimum whitelist of applications to run. There are two reasons for this.

First, it will reduce the attack surface. Second, legitimate software can be used to perpetrate cyber-attacks and this offers a way to prevent that. Allowing software just because it is legitimate is not a good idea.

Full disk encryption

The second layer of protection LDM offers is full disk encryption of all hard disks and volumes, an absolute must for any bank to protect their ATM network, as without this, criminals can steal hardware and perform reverse engineering to introduce malware onto the hard disk and then replace it in another bank branch.

File integrity

Third is file integrity protection, important as all binary files on an ATM are critical. When an ATM is installed there is a master file deployed which is not modified unless there is a software update and this is done through the software distribution system.

There is no reason why anybody should modify any binary file, so LDM will block any attempt to modify any critical file for anybody unless the process of software updates which is pre-defined.

Hardware protection

Finally the hardware protection layer, which captures data like taking a picture of the ATM. What is there in that moment is the only hardware which is allowed to connect. Any attempts to connect anything on top of that will be blocked.

A process firewall protects the ATM network from a communication layer perspective. LDM offers all these protection layers in one integrated and modular solution.

5. How important will effective cybersecurity be in future and why?

Effective cybersecurity is only going to become more important.

Given that financial institutions are a constant target for criminals, they need to maximise efforts to keep up with this dynamic threat and avoid breaches of large databases leaving hundreds of thousands of people’s data at risk.

And while there is also a huge movement to the cloud considered its advantages for the organisations, it is important that cloud services comply with cybersecurity standards that guarantee the protection of the data of users, clients and customers.

6. What security advice would you give to financial organisations moving to the cloud?

Huge amounts of data can be managed and analysed efficiently in the cloud.

The volume of data is becoming ever larger and more complex, and this poses a challenge to those responsible in banks as to how these volumes can still be processed in a useful way.

With big data platforms, cloud computing makes the entire process easier and more accessible for small, medium and large companies. Cloud services enable banks to improve the data security and reliability of their systems and benefit from significantly better computing power.

     
  • Tweet
  • News
  • Press Release
  • Press Review
  • Blog
  • Videos
  • Infographics

SUBSCRIBE TO THE NEWSLETTER

Subscribe today and you will get:

  • News on software solutions
  • Customer stories
  • Invitations to industry events and conferences
  • Detailed reports
  • Market research
  • and much more!
CONTACT

HEADQUARTER - BARI
Via Don Luigi Guanella, 17
70124 Bari - Italy

TEL: +39.080.5692111

info@aurigaspa.com

Milan office
Rome office
Brussels office
London office
Pamplona office
Mexico City office

BUSINESS CONTACTS
Niccolo Garzelli - Auriga - Footer

Niccolò Garzelli Milan office
niccolo.garzelli@aurigaspa.com

MARK ALDRED London office
mark.aldred@aurigaspa.com

Stefano Cipollone Milan office
stefano.cipollone@aurigaspa.com

Daniela Azzolini Milan office
daniela.azzolini@aurigaspa.com

MARTIN ESPINELMexico City office
martin.espinel@aurigaspa.com

lukasz-feluch

ŁUKASZ FELUCHLondon office
lukasz.feluch@aurigaspa.com

RUDY DE WOLFBrussels office
rudolf.dewolf@aurigaspa.com

EXPLORE
  • About Us
  • WinWebServer
  • Blog
  • White Papers
  • Research
LATEST NEWS
  • ATMaaS Managed Serviced blog en

    Keeping Customers Engaged with ATM-as-a-Service

    14/03/2023
  • cms-business-solution-press-release-img

    Auriga forges new ATM fintech partnership to further grow Latin American business

    28/02/2023
  • Banking industry accolades for LDM news

    Banking industry accolades for LDM

    23/02/2023

Connect with us

SUBSCRIBE TO THE NEWSLETTER

Auriga Spa - Copyright © 2023 - All rights reserved | Legal Notice | Privacy Policy
P.I. 05566820725 - Capital € 1.196.055 i.v. - R.E.A. 426675

TOP
We, and third party websites you may interact with via our site, use cookies to collect site usage data and improve your experience, this includes permanent and profiling cookies.
By clicking ‘Accept’ you agree to allow cookies, however you can disable this through your browser settings at anytime. If you opt to totally or partial disable cookies, this might compromise some features on the website.
For more information on our cookie policy, go to the Legal Notice page.
Accept

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT