Europol has published updated guidelines to help industry and law enforcement counter the ATM Logical Attack threat.  The new document was officially launched at the 1st EAST Global Congress, which took place on Thursday 16th June 2022 at Europol’s HQ in The Hague.  Production of the document was coordinated by the EAST Expert Group on All Terminal Fraud (EGAF).

It has three sections:

  1. Description of Modi Operandi
  2. Mitigating the risk of ATM Logical Attacks, Setting up Lines of Defence
  3. Identifying and responding to Logical Attacks

This latest version has many updates including improved advice on lines of defence and countermeasures, and a direct link (QR code) to the countermeasures published by EAST.

The original Guidelines were published in 2015, with a first update in 2018.  They have been acknowledged as being of great value by both the industry and law enforcement, and the low success rate of ATM logical attack levels in Europe can no doubt be attributed to the fact that this guidance has been widely followed.

Lachlan Gunn, EAST Executive Director, said “This latest version draws upon feedback and expertise from both law enforcement and the private sector, cemented by a working partnership between Europol and EAST EGAF.  We are very grateful to Edvardas Šileris, Head of Europol’s European Cybercrime Centre (EC3), and his team at for making this possible.  I would like to thank Otto de Jong (ING Bank and EAST EGAF Chair) and Christian Beine (Diebold Nixdorf) for their key role in leading this exercise, and to also extend my thanks to GMV, INTERPOL, NCR, TMD Security and Trend Micro for their invaluable work and contributions”. 

ATM Logical Attacks

Pictured above at the launch are (Left to right) Lachlan Gunn, Edvardas Šileris, and Otto de Jong.

Circulation of the document is restricted to Law Enforcement and to the banking and payments industry, which includes EAST Members (National, Global, and Associate).