Source: The Nation
Commercial banks in Thailand have boosted security to prevent unauthorised access to their automatic teller machines as cybercriminals are reportedly planning to carry out a large-scale global ATM attack.
According to The Star newspaper, the United States’ Federal Bureau of Investigation (FBI) has received an “unspecified report” that a global attack on ATMs could happen in coming days.
Kitti Kosavisutte, chairman of the Thailand Banking-Computer Emergency Response Team (TB-CERT), said the attack warning was believed to have come from a cybersecurity event, but he noted that Thai banks are well-prepared at this stage.
He said Thai banks have recently tightened their control system to prevent unauthorised computer programs from entering the national ATM network, so it would be difficult to hack into the system. Based on The Star report, the attack is likely to compromise banks or card processors with malware, which would give the hackers access to the banks’ network and ATM card details, which will allow the hackers to freely withdraw cash.
“The FBI has obtained unspecified reporting indicating cybercriminals are planning to conduct a global automated teller machine [ATM] cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation’,” a blog post by veteran cybersecurity journalist Brian Krebs read.
Krebs explained that in an “unlimited operation” attack, the hackers typically remove limits such as withdrawal amount and number of transactions. However, Kitti said the Thai ATM network’s control system has been tightened and updated to ensure a high level of security. He also pointed out that most ATM cards in Thailand have an embedded chip, so the risk is not that high.
It was easier to skim ATM cards before because they had a magnetic strip, he pointed out.
Many Thai banks have moved millions of customers to online and mobile platforms. For example, Kasikornbank now has about 9 million customers using its mobile apps. However, many customers still use ATMs for cash withdrawal and other transactions.
According to The Star’s report, previous compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber-security controls.
“The FBI expects the ubiquity of this activity to continue or possibly increase in the near future,” the alert said. “The cyber-criminals typically create fraudulent copies of legitimate cards by sending stolen card data to co-conspirators who imprint the data on reusable magnetic strip cards, such as gift cards purchased at retail stores.
“At a pre-determined time, the co-conspirators withdraw account funds from ATMs using these cards,” the FBI said.