Key Benefits:

  • Protection for the critical ATM/POS software layer from malware attacks
  • Continuous protectioneven when no networkconnectivity
  • Supports legacy and newer Windows version via a single agent

Over the past decade, ATM and POS malware has developed rapidly. The FBI has repeatedly warned about cash-out schemes involving malware attacks to gain ATM or POS control and access to customer data and funds. Europol highlighted the emerging threat of ATM malware as it warned that incidents of ATM targeting are likely to rise in the future.
Cyberwall will protect your ATM and POS devices from these types of threats with unique and effective tools and provide 24x7 monitoring.

Breach Protection for ATM & POS

The success of jackpotting and other malware-enabled attacks on ATMs highlight the challenges of protecting ATM devices against motivated adversaries. In 2016, hackers in Japan stole $13 million USD from ATMs in a three-hour, 14,000 withdrawal spree. In Taiwan, hackers breached a major domestic bank in the same year and used malware to withdraw more than $2 million USD from dozens of ATMs. A similar crime also occurred in August 2018, in which an India-based bank system was hacked via a malware attack on its ATM server and nearly $13.5 million USD was successfully siphoned off. These devices often use older hardware and operating systems, lack reliable network connectivity for updates,and are difficult to manage. As the result, it’s impractical to rely solely on traditional technologies such as antivirus and application whitelisting for safeguarding these critical assets. ATM attacks bypass such baseline security controls, allowing criminals to dispense cash and steal customer data.
The POS network and devices in a number of big retail stores and restaurants' chains have also been compromised causing millions of dollars in losses.
Minerva’s Anti-Evasion Platform is effective at protecting ATM and POS devices from these threats even when attackers bypass other security measures.

Safeguarding ATM Applications

Cyber-criminals employ specialized malware to interface with ATM software to dispense cash. Minerva’s Anti-Evasion Platform prevents malicious code from interacting with ATM middleware components such as XFS. As the result,even if malware finds a way to run on the ATM, it will be unable to direct the ATM application to take unauthorized actions. Upon preventing the attack, Cyberwall notifies the IT and Security teams about the security event. However, even if the organization is unable to respond to the incident right away, the ATM remains in a protected state, with the attackers failing to reach their objective.

Multi-Layered Protection

The Anti-Evasion Platform provides reliable and comprehensive safeguards against ATM malware. Each component reinforces the others to offer the widest threat coverage against the techniques used to bypass existing defenses. The Platform is designed to:

  • Prevent a broad spectrum of ATM malware, such as Ripper, Green Dispenser, and many others to block malicious code from interacting with ATM middleware and thwart unauthorized withdrawals.
  • Stop malicious code from being injected into the memory of ATM applications, a technique employed by malware such as ATMii.
  • Simulate the tracks malware leaves behind—the infection markers—to fool malware into refusing to run on the ATM, an approach useful for blocking malware such as Ploutus.
  • Disarm ATM malware by automatically mimicking security artifacts related to the environment that some ATM malware families, such as Tyupkin, are designed to avoid.

Built for the Real World

Our ATM security capabilities are built to meet the challenges of real-world ATM deployments. Our solution maintains its effectiveness even if the ATM is not connected to the network. The platform is compatible with all variants of Microsoft Windows, including older OS versions, and can operate even on under-powered systems. Moreover, the platform doesn’t require burdensome configuration or maintenance tasks.

Safeguards ATMs even when AV or app whitelisting fails
Designed for distributed, unattended operations.
Compatible with modern and legacy WIN OS and hardware.