The FBI is warning of an “imminent” global cyberattack on ATM machines that could result in millions of dollars withdrawn from bank accounts far and wide, in a similar “cash-out” attack to one in 2009 which hit ATMs worldwide to the tune of $9 million.
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” according to an FBI alert to banks that was obtained by noted cybersecurity expert Brian Krebs.
Krebs describes it as a “highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.”
“Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities. The FBI expects the ubiquity of this activity to continue or possibly increase in the near future,” the FBI statement reads.
In other words, financial institutions which haven’t upgraded to the latest and greatest in security measures are vulnerable to attack. And since banks will likely reimburse anyone affected by the breach, the FBI’s warning should particularly interest small-to-mid sized banks using outdated technology.
In July, two similar “unlimited operation” attacks resulted in losses of $2.4 million from the National Bank of Blacksburg according to Krebs, who broke the story.
In both cases, the attackers managed to phish someone working at the Blacksburg, Virginia-based small bank. From there, the intruders compromised systems the bank used to manage credits and debits to customer accounts.
The 2016 unlimited operation against National Bank began Saturday, May 28, 2016 and continued through the following Monday. That particular Monday was Memorial Day, a federal holiday in the United States, meaning bank branches were closed for more than two days after the heist began. All told, the attackers managed to siphon almost $570,000 in the 2016 attack.
The Blacksburg bank hackers struck again on Saturday, January 7, and by Monday Jan 9 had succeeded in withdrawing almost $2 million in another unlimited ATM cashout operation. -Krebs On Security