ATM SECURITY WITH A ZERO-TRUST APPROACH

The digital revolution and technological innovation have had a major impact not only on the banking services offered to customers, but also on the bank-customer relationship.

The main challenge lies above all in the ability to keep up with new technologies and to have a long-term competitive advantage. Banks need to prepare themselves adequately to face these unprecedented challenges by adapting their strategies. One of those challenges is the implementation of security measures: cyber security attacks in the banking environment clearly represent a very pressing and growing threat worldwide.

Financial institutions face a number of challenges in making ATMs available 24 hours a day and ensuring maximum security. It is necessary to develop a cyber security strategy that understands the business environment, the sensitive information, the technical infrastructure supporting critical functions and the related threats.

Availability vs. ATM network security

ATMs are critical devices that provide essential services to citizens and whose main objective is to ensure availability and reliability of service, without interruption.

However, from a self-service network security perspective, the lack of proactive update policies, coupled with the physical accessibility of these devices, creates a vulnerable environment that makes ATMs very difficult to protect with traditional cyber security technologies.

These devices are critical and therefore must be operational 24 hours a day, 365 days a year. The bank's main commitment to its customers is to ensure their security and stability, both in terms of software and hardware.

The features of effective self-service management are:

  • The control of ATM operations, especially with regard to the development of software images and the on-site processes that technicians (often from third parties) carry out to maintain the terminals
  • The monitoring of potential threats and any unplanned physical activity on the device
  • The maximisation of the service level of ATMs

Cyber threats and the resulting attacks cause huge financial losses to banking organisations. According to industry reports, cyber criminals seem to be returning with increasing strength and with new malware variants capable of bypassing security systems.

Most of them succeed in gaining illegitimate access to the XFS (eXtensions for Financial Services) middleware. Because this layer is shared across manufacturers, an attack on the XFS layer poses a threat to several vendors and ATM models.

A cyber security strategy ensures ATM security without disrupting operations when it is based on a whitelisting platform with the right set of protection technologies.

Zero Trust ATM protection model

Zero Trust is an ATM network security model based on the assumption that its infrastructure is already compromised. What does this mean?

  • The software image may be compromised during upload.
  • The software distribution system may be compromised and used to send malicious packages.
  • The remote access system may be compromised to gain illegitimate access.
  • Unauthorised hardware devices may be connected to your ATM.
  • The ATM's hard drive may be stolen for reverse engineering analysis.

ATM software security technologies based on the Zero Trust model work at the operating system level, which makes them independent of the hardware.

Furthermore, the Zero Trust strategy is based on the principle of “least privilege”, so the same settings do not have to be applied uniformly. The security policy must be adapted to the needs of the different groups of devices.
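
The default-deny, per-group policy described above, as an added example (not code from this article or from any product it mentions). The group names, event fields and hardware IDs are assumptions, and the "binaries" are constructed byte strings standing in for files hashed when the software image is built.

```python
import hashlib
from dataclasses import dataclass

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for binaries; a real deployment hashes the files
# in the approved software image at build time.
XFS_MANAGER = b"constructed: XFS manager"
ATM_APP = b"constructed: ATM application"
DIAG_TOOL = b"constructed: technician diagnostics tool"
UNKNOWN_PKG = b"constructed: package pushed by a compromised distribution server"

@dataclass(frozen=True)
class GroupPolicy:
    exe_hashes: frozenset          # SHA-256 of executables allowed to run
    usb_ids: frozenset             # allowed "vendor:product" hardware IDs
    remote_access: bool = False    # whether remote sessions are permitted

BASE = frozenset({sha256(XFS_MANAGER), sha256(ATM_APP)})
POLICIES = {  # hypothetical device groups with different needs
    "in-service": GroupPolicy(BASE, frozenset({"1111:0001"})),
    "maintenance": GroupPolicy(BASE | {sha256(DIAG_TOOL)},
                               frozenset({"1111:0001", "2222:0002"}), True),
}

def evaluate(group, event):
    """Return (allowed, reason). Anything not explicitly listed is denied."""
    policy = POLICIES.get(group)
    if policy is None:
        return False, "unknown device group"
    kind = event.get("type")
    if kind == "exec":
        # Trust the content hash, not the channel that delivered the file.
        digest = sha256(event["image"])
        if digest in policy.exe_hashes:
            return True, "executable hash in group allowlist"
        return False, "executable hash not allowlisted: " + digest[:12]
    if kind == "usb_attach":
        if event["usb_id"] in policy.usb_ids:
            return True, "hardware ID in group allowlist"
        return False, "unauthorised hardware: " + event["usb_id"]
    if kind == "remote_session":
        if policy.remote_access:
            return True, "remote access enabled for group"
        return False, "remote access disabled for group"
    return False, "unhandled event type"
```

The same diagnostics tool is allowed on an ATM in the maintenance group and blocked on one that is in service, and a package that arrives through the distribution system is still refused if its hash is not in the image.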

Lookwise Device Manager: the tailor-made ATM security solution

LDM is the centralised, modular solution designed for securing ATM networks.

It provides a comprehensive set of functions to ensure the protection and monitoring of critical devices. It adds an additional layer of control that allows users to perform customised remote actions to investigate or react to potential incidents.

By implementing an effective whitelisting strategy, critical devices can be protected without impacting operations and at the same time comply with regulations.

The security model follows three main rules:

  1. Defining a procedure for the secure development of a software image.
  2. Defining processes for safely performing on-site maintenance activities on the ATM.
  3. Defining 24/7 response and monitoring practices.

This maintains centralised control over software and hardware changes, with integrated visibility and management of network status and increased overall availability.

As a result, the bank can achieve a 98.4% improvement in the availability of the entire ATM network. In addition, 100% of the encrypted hard disks maintain the integrity of the software and hardware.

One of the main advantages of LDM is the centralisation of device network security, which ensures efficient control. Furthermore, by concentrating security operations on a single platform, the impact on device performance is minimal.

It is crucial to plan the security strategy that best conforms to the banking scenario, reacting to cyber threats in a timely manner.
