Europol’s European Cyber Crime Centre (EC3) and Trend Micro, a global leader in cyber security solutions, have released a comprehensive joint report on the current state of ATM malware. ‘Cashing in on ATM Malware’ details both physical and network-based malware attacks on ATMs and highlights where the malware’s created.
ATM malware has evolved from requiring physical access to infect the machines to now successfully attacking network-based access using a bank’s corporate network. The joint report dissects recent attacks using bank networks to steal both money and credit card data from ATM machines, regardless of network segmentation. These attacks not only place at risk both personally identifiable information and large sums of money, but also put banks in violation of Payment Card Industry compliance standards.
“The joint industry-law enforcement report by Europol’s EC3 and Trend Micro shows that the malware being used has evolved significantly, while the scope and scale of attacks have grown proportionately,” said Steven Wilson, head of EC3. “While industry and law enforcement co-operation has developed strongly, ATM malware crime continues to thrive due to the major financial rewards available to the organised crime groups involved. Our report assesses the developing nature of the threat, and I very much hope that it serves as a blueprint for future industry and law enforcement co-operation.”
Hosted at Europol’s headquarters in The Hague, the European Cyber Crime Centre was launched in 2013 to co- ordinate cross-border law enforcement activities against cyber crime and to act as a centre of technical expertise on the matter.
Max Cheng, chief information officer for Trend Micro, stated: “Protecting against today’s cyber threats and meeting compliance standards require increased resources that are not always available for organisations, including those in the financial services industry. Public-private sector collaborations strengthen the global ongoing fight against cyber crime and help fill the resource gap for organisations. This report furthers Trend Micro’s commitment to helping law enforcement and private businesses mitigate future attacks and protect individuals.”