We don’t need to research the web to learn that, for the last 3 years, attacks on ATMs have caused the greatest loss of money in the history of cyber-attacks worldwide. A multinational gang of cybercriminals infiltrated more than 100 banks across 30 countries and made off with up to one billion dollars over a period of roughly two years.
A global posse of cyber thieves, armed with laptops in place of guns, hacked into financial institutions and stole $45 million from automated teller machines in a first-of-its-kind heist made for the 21st century, authorities in New York said Thursday.
Over a seven-month period, authorities said, hackers broke into computer networks of financial companies in the United States and India and eliminated the withdrawal limits on prepaid debit cards.
It is a reality that crime has overcome and outnumbered the police in strategy and management of technological components to commit new Cyber fraud.
Today is much more profitable to “hack” an ATM than to go out and rob a bank with a mask and gun.
Physical and logical security that banks have implemented no longer pose a significant safety measure.
There are criminal groups that invest in buying their own ATM machines, buy software licenses from ATM supplier and then use that information to set new and better tools of fraud aimed attack the ATM’s safety.
mLogica ATM Krypto Shield™ is a sophisticated solution that offers the highest level of ATM machine security. It is designed to avoid logical attacks on the operating system, ATM software system and other third party applications.
ATM Krypto Shield’s™ redefying architecture adapts to today’s global ATM attacks, minimizing the risk of banking fraud from the ATM network.
With over 10 years of experience in cyber security product development, with hundreds of penetration testing controls, and detail attention to all attacks on the ATM, ATM Krypto Shield™ is an ultra-high performance security solution that meets all the specifications of the largest ATM suppliers in the world. mLogica ATM Krypto Shield™ has an online monitoring tool of which banks can see in “real time” the status of their ATMs. Within seconds the bank can received alerts on anomalies, system crashes and intrusions.
ATM Krypto Shield is already protecting over 50 banks against the following attacks
Buffer Over Flow Attacks
- OS exploits
- Provider App exploits
Local Users Attacks
- Account Password Change
- Account Creation
- GPO Changes
- Create / delete files
- Create / delete REG values
- Stop or create process
- DLL Malware
- EXE Malware
- MSI Malware
- OS bug Malware
Privilege Escalation Attacks
- DEP Attacks
- DLL Injection
- Memory Injection
ATM Krypto Shield Protection
- Restrictions on unauthorized software
- Malware protection for ATMs
- Protection on a memory level
- Prevention on scalability privileges
- More than 13,000 rules of integrity
- Protection against alterations or replacement on the DLL, executables or scripts
- DEP protection (Data Execution Prevention)
- Protection against Memory Injection
- More than 200 security controls on a GPO level
- Protection against breach of information from the ATM
- Prevents creation or executions of new files and/or processes
- Correlations of events on real time
- Threat Analysis and alert generation in real time
ATM Krypto Shield Hardening and Monitoring
- Of the Operating System
- Of the provider software (Aptra, Agilis, Procash)
- Of the 3rd party software in the ATM
- Sign of all the DLLs, EXEs, MSIs and Batch files in the ATM
- Implementing a security template GPO edited for Windows 7 ATMs
Monitoring (More than 150 activities monitored)
- Of processes running in the ATM (running, creating or stopping process)
- Of the DLLs, EXEs, MSIs and Batch files signed in the ATM
- The security GPO implemented (Group Polices Object)
- Application Events, Security Events, Installation events, OS events
- Correlation of security events in real time
- ATM Hardware device errors
- User activity in the ATM
Security Expert Services
- External Penetration Testing
- Internal Penetration Testing
- Wireless Networks Penetration Testing
- Social Engineering Penetration Testing
- ATM Penetration Testing
- SAP Penetration Testing
- SCADA Penetration Testing
- Credit Card Controls Audits
- PCI-DSS, PA-DSS, PCI-PTS, and ISO Audits
- Perimeter and ATM Protection Audits
- ATM Operating System and Application Audits
- ATM Binary Security and Anti-Malware Audits
- ATM Frequency Spectrum Audits
- ATM Communication and Standards Audits