27 September 2017
By Bryan Smyth
bryan@TheCork.ie
Trend Micro, with EMEA headquarters in Cork, and Europol’s European Cybercrime Centre (EC3) have released a comprehensive report on the current state of ATM Malware. “Cashing in on ATM Malware” details both physical and network-based malware attacks on ATMs, as well as highlights where the malware is created.
ATM malware has evolved from requiring physical access to infect the machines to now successfully attacking network-based access using the bank’s corporate network. The report dissects recent attacks using bank networks to both steal money and credit card data from ATM machines, regardless of network segmentation. These attacks not only risk personally identifiable information (PII) and large sums of money, but also put banks in violation of PCI compliance standards.
“The joint industry – law enforcement report by Europol’s EC3 and Trend Micro shows that the malware being used has evolved significantly and the scope and scale of the attacks have grown proportionately. While industry and law enforcement cooperation has developed strongly, the crime continues to thrive due to the major financial rewards available to the organized crime groups involved. This report assesses the developing nature of the threat. I hope that it serves as a blueprint for future industry and law enforcement cooperation,” said Steven Wilson, Head of EC3.
“Protecting against today’s cyber threats and meeting compliance standards require increased resources that are not always available for organizations, including those in the financial services industry,” said Max Cheng, chief information officer for Trend Micro. “Public-Private Partnership strengthen the global, ongoing fight against cybercrime, and help fill the resource gap for organizations. This report furthers Trend Micro’s commitment to helping law enforcement and private businesses mitigate future attacks and protect individuals.”
In addition to the public report, a limited-release version is available to law enforcement authorities, financial institutions and the IT security industry. This private report provides greater detail for public and private organizations to harden ATM and network systems and prevent future attacks against financial institutions.
For the complete public report, please visit: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/shift-in-atm-malware-landscape-to-network-based-attacks
About Trend Micro
Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks and endpoints. All our products work together to seamlessly share threat intelligence and provide a Connected Threat Defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world’s most advanced global threat intelligence, Trend Micro enables organizations to secure their journey to the cloud. For more information, visit www.trendmicro.com.
About EC3
Hosted at Europol’s headquarters in The Hague, the Netherlands, the European Cybercrime Centre (EC3) was launched in 2013 to coordinate cross-border law enforcement activities against cybercrime and to act as a centre of technical expertise on the matter. For more information, visit: www.europol.europa.eu/ec3