ATM Terminal Security Issues Discussed in Vilnius

This January (2018), a seminar on banking ATM terminal security and protective software installation and configuration was held for BS/2 engineers and its subsidiaries from Latvia, Azerbaijan, and Kyrgyzstan Penki kontinentai head office in Vilnius. For almost two weeks, Elisabeth Baum, a senior consultant at Diebold Nixdorf, who specially came to Lithuania from Germany, shared her experience with company employees.

– Ms. Baum, the year 2017 marked dramatic changes in terms of cyber threats for banks; using malicious software intruders not only withdraw money from almost any financial institution but also infected its ATMs from the banks’ networks. Moreover, attacks on ATMs have become so popular that Malware-as-a-service is now available. In the so-called darknet, one can easily buy all the necessary malware, along with the video instructions of its usage. How to deal with this?

– Indeed, various physical and logical threats pose a great danger to any bank, as potential disruptions in the course of transactions can negate both its reputation and customers’ trust.

On the other hand, customers’ personal data protection is a paramount task for any financial company. If the so-called “sensitive” information is stolen, a bank bears both material and reputational costs. Therefore, to protect the businesses and their customers as much as possible, we at Diebold Nixdorf have developed a multi-level protection software system for unattended devices against fraud and vandalism at physical and logical levels.

– What specific topics have you discussed during the training course?

– The purpose of this seminar was to familiarize specialists with the new Diebold Nixdorf software, the features of its application, installation, and configuration in terminal networks. Also, we examined the features of the terminal part of ATMs – and my audience had the opportunity to learn more about it and share their experience with colleagues from other regions, ask their questions, and discuss problems that arise in their work.

– If possible, tell us about your developments in more detail…

– Installed already in hundreds of thousands of ATMs worldwide, the Terminal Security Suite includes three functional modules, each of which is a separate solution designed to protect the terminal part from a particular set of threats. This includes, firstly, a Hard Disk Encryption solution that protects the privacy and integrity of data from unauthorized downloads or accesses in the event of system failure, ensuring that hard disk might be accessed only in the original (and completely secure) environment. Second, the Intrusion Protection module: protects ATMs from various network and local attacks in which malware is used. This is, so to say, ATM complete hardening. Finally, the Access Protection module restricts system users’ access rights and monitors all their actions to minimize the network areas susceptible to attack.

– Thank you for the conversation.