Logical attacks (i.e. malware & black box attacks) can impact any ATM architecture across the industry if basic security configurations are not employed. It is critical that all ATM operators remain proactive and vigilant, and support those efforts with multi-layered, logical and physical security strategies.
Edge One and NCR would like to remind all customers of the key, major recommendations for securing your ATM fleet:
- Prevent booting from a removable media (including disabling auto play)
- BIOS editing must be password protected
- Establish an adequate operational password policy for all passwords
- Implement communications encryption (SSL encryption or VPN)
- Establish a firewall
- Remove unused services and applications
- Deploy an effective anti‐virus mechanism
- NCR recommends active whitelisting applications which go beyond traditional antivirus programs – specifically the deployment of Solidcore Suite for APTRA ™
- Establish a policy for secure software upgrades
- Ensure the application runs in a locked down account with minimum privileges required.
- Define different accounts for different user privileges
- Establish a regular patching process for all software installed
It is important to consider the environment, and scale the physical security protecting the ATM accordingly. ATMs in unattended public locations are at highest risk.
The following best practice guidelines for all ATM’s are strongly recommended, but specifically for those in higher risk ATM environments.
- Utilize an alarm that will alert when the Top Box is opened
- NCR Skimming Protection Solution provides this functionality
- NCR also recommends the use of other deterrence methods such as;
- Surveillance monitoring, which will also detect and record suspicious activities around the ATM
- Adequate ambient lighting