CONTINUE TO SITE »
or wait 15 seconds

Security

Protecting ATMs from cyberattacks

Although there are still reports of traditional hook and chain ATM thefts, a new more dangerous trend of cyberattacks has become increasingly prevalent.

Photo: Adobe Stock

May 28, 2025 by Bradley Cooper — Editor, ATM Marketplace & Food Truck Operator

Gone are the days when banks and operators only had to contend with simple ATM thefts. Although there are still reports of traditional hook and chain ATM thefts, a new more dangerous trend of cyberattacks has become increasingly prevalent.

Organized crime

Nancy Daniels, COO of Hyosung said in a video call that with past, "retail cash dispenser" thefts, thieves could only expect to get a few thousand dollars. But this has changed as organized crime groups now engage in coordinated cyberattacks.

"We're seeing much more organized cyberattacks," Daniels said. These groups attempt to "find any kind of exploit" to take advantage of the ATM network.

She said that a lot of these groups come out of Eastern Europe and coordinate their efforts to look for "any sort of possible entry into the processor, switch or the remote management system and so forth."

Techniques

Daniels said when it comes to the techniques of these attacks, they typically don't involve social engineering. It more involves looking for any possible entry into the system, which they can then take over.

"People are pinging your domain name, searching for any kind of entrance they can find," she said.

In particular they will "change the maximum limit of an ATM, do a couple transactions and pull out $800 and then move on to the next ATM."

They will send couriers to busy areas to accomplish this task, never staying at one ATM for too long.

"At a network level, if you attack the server, the processor, the remote management system, then you have an opportunity to really capture a large number of ATMs and as a consequence, in your crime you can really get a lot more cash," Daniels said.

Weaknesses

There are a number of key weaknesses criminals exploit. For example, many companies might have default passwords for the networks, which are easy to break into.

This can also include a lack of a firewall, or no whitelisting tools or enabling Transport Layer Security encryption for sending data from the ATM to the banking network.

"In the past, the industry has been a little bit lax in terms of IT infrastructure, cyber protections. We have people who believe routers are a firewall, they use default passwords. With the aggressiveness of criminals, you don't have that option anymore," Daniels said.

When looking at the regions where these attacks occur, Daniels said large metro areas are far more likely to be targeted due to the close-proximity and number of ATMs.

"In dense metropolitan areas, it's about the density of ATMs, and how you quickly you can go from machine to machine," she said. In addition, customers tend to use larger quantities of cash in urban areas.

How to stop cyberattacks

The real question is how can banks and independent operators prevent these types of attacks? One would imagine it would be very complicated, but Daniels argues it is, in fact, "fairly basic."

For example, with a remote management system, "it's essential to only have that software running when you're using it, instead of leaving it on all the time," she said.

When the system is left on, it can be exploited by bad actors.

Daniels mentions other techniques such as:

  • Change the default password to a secure one.
  • Use a firewall.
  • Have TLS encryption between the ATM and the server.
  • Whitelist ATMs so only specific IPs can access the processor.
  • Regularly update software.

"If you do half of those things, you're likely protected," Daniels said. "It's very basic cyber security."

About Bradley Cooper

Bradley Cooper is the editor of ATM Marketplace and Food Truck Operator. He was previously the editor of Digital Signage Today. His background is in information technology, advertising, and writing.

Connect with Bradley:

Included In This Story

Hyosung Americas

Hyosung Americas is a global human experience maker that bridges the physical and virtual worlds. We do this by harnessing our unique combination of a manufacturer’s soul with an innovator’s mindset to build a platform of integrated products, services, and ideas that improve life’s day-to-day interactions for everyone.

Request Info
Learn More

Related Media

Article
ATM Security: 5 ways to prevent attacks
News
Hyosung warns of ATM cyberattacks
Blog
How to combat ATM fraud
Article
Examining biggest ATM security issues and 4 strategies to prevent them
Blog
Improving banking security
Blog
ATM fraud: How to combat it

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf

Software
Top 10 ATM software solutions
Software
Examining the past, present and future of XFS
Commentary
ATM features: 5 to include
Special Report
2024/25 ATM & Self-Service Software Trends
Presented by KAL ATM Software GmbH
Recent Posts
ATM fees increase for 3rd consecutive year
ATM check deposit fraud on the rise in Honolulu
The Farmers Bank renames branches, converts ATMs to ITMs
ParaScript intros verification solution for checks
Nymeo Federal Credit Union wins recognition as 1 of the best workplaces in Maryland


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'