Securing an ATM or payment terminal in the center of a large city is not difficult. They have no problem with internet access, and specialist teams are on hand when needed. However, the situation is different when the device is in a remote area, where the nearest IT expert is far away and the internet connection is unstable.
People who work remotely use ATMs, which are an undisputed social good. For many people, they are the only way to get cash or pay for services. Consequently, such devices must be properly secured.
The operation of terminals and ATMs depends on the level at which the security solution installed in it copes with the latest threats – in other words, whether it is regularly updated. Let’s see what problems can arise when securing such devices, as well as what functions security software needs to overcome threats.
Ease of access. In rural areas, distance is interpreted somewhat differently. If the police take an hour to get to an ATM, the IT worker will certainly not be faster. Therefore, the appropriate solution must support remote management and installation of updates.
Poor communication. Even in developed countries, appropriate provisions are used in the event of lack of access to wired Internet or unstable cellular network. In some places, the ATM’s only communication channel is the 3G modem, which is having trouble getting the job done properly, even at maximum speed. The transmission of transaction data and banking software updates must be reliable and secure, so the solution must be able to deliver updates even via a weaker channel without overloading the system with traffic.
Cheap equipment. Small villages are unlikely to have the latest models of ATMs. There is also no guard nearby who could scare away any entrepreneurial thief trying to blow him up to gain access to the cash it contains. For this reason, smaller communities tend to use a device with an older processor and operating system – so its security solution must be able to run on outdated hardware and secure an operating system that no longer receives updates.
Wilderness. In a large city, a payment terminal or ATM is almost never installed where it will not be seen. This is no coincidence – the attackers have such privacy that they can connect an external device to it. Cyber criminals do not necessarily need access to cash trays; they may try to steal card details or modify the system so that transfers go to another account. Therefore, the ATM protection solution must not only detect the latest malicious programs, but must also be able to monitor changes to critical files and registry, and block attempts to connect external devices and install third-party programs.
These key issues characterize the latest version of Kaspersky Embedded Systems Security. Our experts have optimized the data transfer process, making our product even easier to manage and update, even in the case of a poor connection used for communication. More importantly, the data exchange does not conflict with the basic functions of the device.
In addition, the solution includes a new module that protects against network attacks. It manages incoming and outgoing traffic, and can block data exchange when it notices malicious network activity. It can also identify port scans, brute force attacks, and ATM shutdown attempts via DoS attack.