The FBI is warning banks that cyber criminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which criminals hack a bank or card processor and use cloned cards at ATMs to withdraw millions of dollars in a short time frame.
“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation.’”
The FBI shared the alert above with banks on August 10th, 2018, in a private confidential release. The FBI also stated that unlimited operations compromise a financial institution or payment card processor with malware in order to access bank customer card information and exploit network access, enabling large-scale theft of funds from ATMs. The perpetrators also alter account balances and security measures to make an unlimited amount of money available at the time of the transactions, allowing large amounts of cash to be quickly removed from the ATM.
The FBI is urging banks to review how they’re handling security, such as implementing strong password requirements and two-factor authentication using a physical or digital token when possible for local administrators and business-critical roles.
Other tips in the FBI advisory suggested that banks:
- Implement separation of duties or dual authentication procedures for account balance or withdrawal increases above a specified threshold.
- Implement application whitelisting to block the execution of malware.
- Monitor, audit and limit administrator and business-critical accounts with the authority to modify the account attributes mentioned above.
- Monitor for encrypted traffic (SSL or TLS) traveling over non-standard ports.
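
The last tip can be checked by recognizing TLS from the first bytes of a connection rather than from its port number. The sketch below is an added example, not part of the FBI advisory; it goes slightly beyond the tip by matching the TLS handshake itself. The port allowlist, the flow record layout and the sample flows are all constructed assumptions.

```python
import struct

# Assumed allowlist: ports where this site expects TLS. Adjust to local policy.
EXPECTED_TLS_PORTS = {443, 465, 636, 853, 993, 995}

def is_tls_client_hello(payload: bytes) -> bool:
    """Heuristic: does the first client payload start with a TLS ClientHello?"""
    if len(payload) < 6:
        return False
    content_type, major, minor, rec_len = struct.unpack("!BBBH", payload[:5])
    return (
        content_type == 0x16          # record type: handshake
        and major == 0x03             # SSL 3.0 / TLS 1.x record version
        and minor <= 0x04
        and 4 <= rec_len <= 16384     # plaintext record size limit
        and payload[5] == 0x01        # handshake type: ClientHello
    )

def flag_nonstandard_tls(flows, expected_ports=EXPECTED_TLS_PORTS):
    """Return flows that carry TLS to a port outside the allowlist."""
    return [
        f for f in flows
        if f["dport"] not in expected_ports and is_tls_client_hello(f["payload"])
    ]

def _hello(body_len=64):
    """Build a constructed, minimal ClientHello prefix for the sample data."""
    hs = b"\x01" + body_len.to_bytes(3, "big") + b"\x03\x03" + bytes(body_len - 2)
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

# Constructed sample flows (documentation addresses, not real traffic).
SAMPLE_FLOWS = [
    {"src": "192.0.2.10", "dst": "198.51.100.5", "dport": 443, "payload": _hello()},
    {"src": "192.0.2.11", "dst": "198.51.100.9", "dport": 50123, "payload": _hello()},
    {"src": "192.0.2.12", "dst": "198.51.100.7", "dport": 8080,
     "payload": b"GET / HTTP/1.1\r\n"},
    {"src": "192.0.2.13", "dst": "198.51.100.8", "dport": 53, "payload": b"\x16\x03"},
]

if __name__ == "__main__":
    for f in flag_nonstandard_tls(SAMPLE_FLOWS):
        print(f"TLS on unexpected port: {f['src']} -> {f['dst']}:{f['dport']}")
```

In practice the payload would come from a packet capture or a network sensor's connection records, and a hit is a lead for review, not proof of compromise.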