America's intelligence chiefs have warned banks of a major hacking threat to cash machines worldwide in the next few days. The FBI sent out a confidential alert on Friday to warn that cyber criminals are planning a global 'cash-out scheme' using malware to take over ATMs and steal millions of dollars.
Banks were warned that they could fall victim to an 'unlimited operation' in which millions of dollars could be withdrawn from cash machines. Smaller banks with less sophisticated security systems are thought to be most vulnerable to an attack using the 'jackpotting' technique, the Daily Telegraph reports.
The warning said: 'The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach.'
The website Krebs On Security reported that criminals could create 'fraudulent copies' of bank cards by installing their data on reusable magnetic strip cards.
The FBI warned that 'at a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards.'
'Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities,' the alert said.
Attacks could affect banks all over the world with British banks with large overseas interests including Barclays and HSBC thought to have been made aware of the danger from the 'jackpotting' technique.
Earlier this year it was revealed that a co-ordinated group of hackers had stolen more than $1million by hijacking cash machines in the U.S.
The spate of attacks represented the first widespread jackpotting activity in the United States, officials said in January.
The heists, which involved hacking ATMs to rapidly shoot out torrents of cash, were across the United States spanning from the Gulf Coast to New England.
An alert at the time from an ATM maker said the method included gaining physical access, replacing the hard drive and using an industrial endoscope to depress an internal button required to reset the device.
A U.S. Secret Service alert sent to banks in January said machines running Windows XP were more vulnerable and encouraged ATM operators to update to Windows 7 to protect against the attack.
Hackers have moved from stealing payment card numbers and online banking credentials to more lucrative hacks on bank networks, giving them access not only to ATM machines, but also to electronic payment networks.
In 2016 it was reported that cyber criminals had remotely attacked cash machines in more than a dozen countries across Europe.
http://www.dailymail.co.uk/news/article-6056189/FBI-warns-cyber-criminals-plotting-mass-hack-against-bank-ATMs.html ....
Odd news story.
In theory, the FBI focuses mainly on north america with the CIA, NSA and other organizations focusing more on the global side of things. That could make it a bit strange for the FBI to come forward with this story given that other intelligence organizations around the world could arguably have more access to funding and resources.
Lack of details might hint at this threat being largely unconfirmed.
This is a strange warning altogether. I wonder if people will withdraw funds from bank accounts in an attempt to defend against this.