ATM Terminal Security Issues Discussed in Vilnius

This January a seminar on banking ATM terminal security, as well as protective software installation and configuration was held for BS/2 engineers and its subsidiaries from Latvia, Azerbaijan and Kyrgyzstan, at the Penki kontinentai head office in Vilnius. For almost two weeks, Elisabeth Baum, a senior consultant at Diebold Nixdorf, who specially came to Lithuania from Germany, shared her experience with company employees.

- Ms. Baum, the year 2017 marked dramatic changes in terms of cyber threats for banks; using malicious software intruders not only withdrew money from almost any financial institution, but also infected its ATMs from the banks’ networks. Moreover, attacks on ATMs have become so popular that Malware-as-a-service is now available. In the so-called dark net, one can easily buy all the necessary malware, along with the video instructions of its usage. How to deal with this?

- Indeed, various physical and logical threats pose a great danger to any bank, as potential disruptions in the course of transactions can negate both its reputation, and customers' trust.

On the other hand, customers’ personal data protection is a paramount task for any financial company, and, if the so-called "sensitive" information is stolen, a bank bears both material and reputational costs. Therefore, in order to protect the businesses and their customers as much as possible, we at Diebold Nixdorf have developed a multi-level protection software system for unattended devices against fraud and vandalism at physical as well as logical levels.

- What specific topics you have discussed during the training course?

- The purpose of this seminar was to familiarize specialists with the new Diebold Nixdorf software, the features of its application, installation and configuration in terminal networks. Also, we examined the features of the terminal part of ATMs – and my audience had not only the opportunity to learn more about it, but also to share their experience with colleagues from other regions, ask their questions and discuss problems that arise in the course of their work.

- If possible, tell us about your developments in more detail...

- Installed already in hundreds of thousands of ATMs worldwide, the Terminal Security Suite includes three functional modules, each of which is a separate solution designed to protect the terminal part from a particular set of threats. This includes, firstly, Hard Disk Encryption solution which protects the privacy and integrity of data from unauthorized downloads or accesses in the event of system failure, ensuring that hard disk might be accessed only in the original (and completely secure) environment. Second, the Intrusion Protection module: it protects ATMs from various network and local attacks in which malware is used. This is, so to say, ATM complete hardening. And, finally, the Access Protection module which restricts system users access rights, and monitors all their actions, in order to minimize the network areas susceptible to attack.

- Thank you for the conversation.