BSidesSF 2019

Automated Teller Machine (ATM) attacks are more sophisticated than ever before. Criminals have upped their game, compromising and manipulating ATM networks, software, and other connected infrastructure. Between having a third-party manage these machines and ATMs deployed on low-bandwidth links, it's an inevitable wild-west environment. In this talk I will review three case studies of ATM attacks, showing how they have become more dangerous than ever before.

In this session, I will discuss unknown ATM flaws our pentesting team has uncovered while performing testing, the various ways criminals are attacking ATMs, the many security problems that we have identified with ATM systems, and what can be done to prevent these attacks.

I will review three case studies of ATMs. One where the ATM security was extremely poor; One where the security was very good but the ATM still fell victim to an attack because we discovered a zero-day in the management software; And one where the security was just right- but its specific deployment had some major flaws that ultimately led to an ATM compromise. In this last case, the attackers side-loaded an application, and were able to run a criminal ring that led to $7M USD in losses.