ATM explosive attacks up 80 percent. Take cover!

Malware and fraud attacks continue to rise, too.

Atm explosion

ATM explosive attacks increased by as much as 80 percent in the first half of 2016, reveals a new report.

The European ATM Security Team (EAST) tracked 492 explosive attacks. Some used solid explosive material to pull off their heists, though they were a minority at 110 of the incidents. All the rest made use of gas.

But let's be frank. It doesn't matter that much to us what bad guys are using to blow up the cash machines.

EAST Executive Director Lachlan Gunn says while it's not good that thieves are conducting those types of attacks in the first place, the fact that those techniques are on the rise is extremely concerning.

As he explains in a blog post:

"This rise in explosive attacks is of great concern to the industry in Europe as such attacks create a significant amount of collateral damage to equipment and buildings as well as a risk to life.  The EAST Expert Group on Physical Attacks (EGAP) is working to analyse the attacks and to share intelligence best practice information across the industry and law enforcement that can help to mitigate the threat."

Let's frame it another way. Out of the approximately 1,600 physical attacks (including robbery and ram raids), explosive attacks registered across one quarter of those incidents and caused an average cash loss of €16,631 (approximately US $18,295).

That doesn't include any damage the explosives might have caused to a financial institution's properties and/or buildings. But as EAST is right to point out, those losses usually exceed the funds stolen in the attacks.

Atm crime

At the same time, let's keep things in perspective.

The €27 million lost to ATM physical attacks is but a fraction of the €174 million seized by Transaction Reversal Fraud (TRF) and other types of fraud. There were also about ten times as many incidents in that particular category of ATM attacks.

Meanwhile, logical attacks like jackpotting and 'cash out' campaigns registered only 28 incidents that collectively stole approximately €0.4 million from ATMs.

Computer criminals are always thinking of new, sometimes explosive ways to target financial institutions.

Sometimes they're after the cash stored in an ATM. Other times, they want access to an employee's email or customers' banking accounts.

For that reason, users should take extra care to protect their financial accounts with a strong, unique password and two-step verification (2SV). They should also watch out for phishing attacks, as should anyone who works at a bank or similar organization.

If ATM explosive attacks continue to increase, perhaps financial institutions should lend some extra thought to where they physically place their cash machines on their premises.

(Visited 2,229 times, 1 visits today)

Tags: ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

,

7 Responses

  1. Kfee

    October 18, 2016 at 4:05 pm #

    I wonder if they might do what retail and fast food do and simply make it easier for thieves to get the cash so they'll stop with the blowing things up/killing employees. After all, it would be significantly cheaper to just let them have the money than deal with the collateral.

    • h3158 in reply to Kfee.

      October 19, 2016 at 10:00 am #

      That would be plain extortion. Once you start allowing that, there will be an influx of new criminals trying the same. Luckily, it's not all without risk for the criminals:
      http://www.gn-online.de/nachrichten/tueten-voller-bargeld-automatenknacker-tot-144328.html

  2. graphicequaliser

    October 20, 2016 at 3:10 pm #

    Simple solution – get rid of cash money, and force the world to use electronic forms of payment for everything. Robbers can then steal as much paper as they want – they won't be able to buy anything with it. The future – everyone has an electronic tag surgically implanted that allows them to buy and sell, and without it, you cannot transact anything.

    • coyote in reply to graphicequaliser.

      October 23, 2016 at 1:07 am #

      Because everyone should rely even more on electronics… no thank you. Besides: you try keeping a virtual economy healthy. It's not at all simple; if it was that simple don't you think it'd have been thought of before? How do you not understand the malware part though? We're having more malware attacks so we'll make it so we all have to pay through electronic means! Great logic.

      Not only would that inconvenience more people (e.g. I don't have a 'smart' phone nor do I want one and that isn't the full story) it would simply change the problem rather than resolving one. In some ways it'd be worse because malware adds a lot of complications.

      • graphicequaliser in reply to coyote.

        October 24, 2016 at 10:13 am #

        In the future I envisage, there would be no money (electronic or real) and societies would run on merit, social contributions and the like. Everyone would be regarded as equal but different, and entitled to food, water, shelter, love and clothing. The human species is simply not evolved enough yet to reach that stage at the moment, and, if Clinton gets in, nor will they ever be.

  3. Jim

    October 20, 2016 at 4:07 pm #

    I suppose one solution is to build the atm inside the store. Have noticed a few places where an atm is accessible inside the store. From the stores perspective it probably helps sales.

  4. coyote

    October 23, 2016 at 1:13 am #

    I think it sad that the focus here is on finances. I'm not surprised but it's still sad. Is money more important than lives? I guess for humans it often is (stupid as that is.. unless corpses can actually use money?).

Leave a Reply