Preventing Physical ATM Attacks – advice in all EU Languages

physical ATM attacksTo counter the increase in physical ATM attacks in Europe, affecting an increasing number of European countries, the European Crime Prevention Network (EUCPN) and Europol organised a conference (January 2019) bringing together law enforcement and public and private partners to look at the prevention of this crime. EAST was represented at the event by Executive Director Lachlan Gunn.  The output was a recommendation paper summarising the conclusions of the conference and aimed at raising authorities’ awareness of physical ATM attacks and preventive measures.

This recommendation paper has now been translated into all the EU languages and is available for download from the EUCPN website.

In the most recent European Payment Terminal Crime Report published by EAST on 13 October 2020, and covering the first 6 months of this year, ATM explosive attacks (including explosive gas and solid explosive attacks) were up 0.4% (from 503 to 505 incidents). Losses due to physical ATM attacks were €12.6 million, an 11% increase from the €11.4 million reported during the same period in 2019. This increase was driven by a rise in losses due to explosive and gas attacks, which were up 49% from €5.1 million to €7.6 million.

Black Box attacks increase across Europe

Black BoxEAST has just published a European Payment Terminal Crime Report covering the first six months of 2020 which reports a sharp increase in Black Box attacks on European ATMs.

ATM malware and logical attacks against ATMs were up 269% (from 35 to 129) and all the reported attacks were Black Box attacks. A Black Box attack is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser, in order to ‘cash-out’ or ‘jackpot’ the ATM. Related losses were up from less than €1,000, to just over €1 million.

EAST Executive Director Lachlan Gunn said, “Overall crime at terminals has decreased during the lockdown phase of the pandemic. While this rise in Black Box attacks is of concern, most such attacks remain unsuccessful. Our Expert Group on All Terminal Fraud (EGAF) is focussed on addressing this issue, with close cooperation between industry partners and law enforcement. In January 2019 EGAF worked with Europol to update a document, published by Europol, entitled ‘Guidance & recommendations regarding logical attacks on ATMs’. This is currently available in English, French, German, Russian, Spanish and Turkish”.

Terminal related fraud attacks were down 66% (from 10,723 to 3,631 incidents). Card skimming fell to another all-time low (down from 731 to 321 incidents) and transaction reversal fraud (TRF) at ATMs decreased by 97% (down from 3,405 to just 108 incidents). Total losses of €109 million were reported, down 12% from the €124 million reported during the same period in 2019.

ATM related physical attacks were down 23% (from 2,376 to 1,829 incidents). Attacks due to ram raids and ATM burglary were down 34% (from 610 to 405 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were up 0.4% (from 503 to 505 incidents). Losses due to ATM related physical attacks were €12.6 million, an 11% increase from the €11.4 million reported during the same period in 2019. This increase was driven by a rise in losses due to explosive and gas attacks, which were up 49% from €5.1 million to €7.6 million.

A summary of the report statistics under the main headings is in the table below.

The full Crime Report is available to EAST Members (National, Global and Associate)

 

EAST EGAP holds 14th Meeting

The 14th Meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Wednesday 2nd September 2020.  Due to the Covid-19 situation, it was conducted as a virtual meeting and was chaired by Graham Mott of  the LINK Scheme.

The meeting was attended by 40 key representatives from Law Enforcement, Terminal Deployers, ATM Networks and Security Equipment Vendors.

  • Europol gave a central assessment of the ATM physical attack situation in Europe.
  • The ECB gave an update on the latest developments of its Intelligent Banknote Neutralisation (IBNS) Policy.
  • National Threat Assessments were shared by representatives from 15 countries:
CountryUpdate(s) Given By
AustriaPayment Services Austria (PSA)
CroatiaMUP - Ministry of the Interior
DenmarkPetersen-Bach
FinlandAutomatia
FranceGendarmerie - OCLDI
GermanyBKA
IrelandAn Garda Siochana
ItalyMIB
LuxembourgService de Police Judiciare
NetherlandsNational Police, ING Bank
PortugalPolicia Judiciare, Policia de Seguranca Publica
South AfricaSABRIC
SpainSpanish National Police, Guardia Civil, Autonomous Police of Catalonia
SwitzerlandFederal Office of Police (FEDPOL)
United KingdomSaferCash/West Midlands Police (ROCU)

Experts from the following organisations also contributed to the meeting:  ATM Safe, Barclays, Cennox, Diebold Nixdorf, Feerica S.A., HSBC, NCR, Oberthur Cash Protection, Professional Witnesses Group, Scotia Security Group, Spinnaker, TMD Security.

EAST EGAP is a European specialist expert forum for discussion of ATM and ATS related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The Group meets twice each year to enable in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

Terminal fraud attacks increase in Europe

terminal fraudEAST has just published a European Payment Terminal Crime Report covering 2019 which reports that terminal fraud attacks were up 35%.

Terminal related fraud attacks rose from 13,511 to 18,217 incidents, mainly driven by an 87% increase in ATM transaction reversal fraud attacks (up from 4,843 to 9,054 incidents), while card skimming incidents fell 21% to an all-time low (down from 1,883 to 1,496 incidents).

EAST Executive Director Lachlan Gunn said, “Despite the overall rise in terminal fraud incidents, total reported losses were almost unchanged. Transaction reversal fraud losses did rise from €2.6 million to €5.2 million, but the continued drop in skimming incidents has helped to keep the overall loss position stable.”

Total losses of €249 million were reported, up 1% from the €247 million reported in 2018. Overall losses due to card skimming were unchanged and losses due to card trapping were down by 14% (from €2.9 million to €2.5 million).

ATM related physical attacks were up 0.5% (from 4,579 to 4,571 incidents). Attacks due to ram raids and ATM burglary were down 11% (from 1,256 to 1,122 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were down 7% (from 1,052 to 977 incidents). Losses due to ATM related physical attacks were €22 million, a 39% decrease from the €36 million reported in 2018.

The average cash loss for a robbery is estimated at €20,369 per incident, the average cash loss per explosive or gas attack is €10,735 and the average cash loss for a ram raid or burglary attack is €9,377. These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.

A total of 140 ATM malware and logical attacks were reported, down from 157 in 2018, an 11% decrease. All the reported attacks were ‘cash out’ or ‘jackpotting’ attacks. In 118 attacks equipment typically referred to as a ‘black box’ was used, and malware was used in the other 22 attacks. Related losses were up 142%, from €0.45 million to €1.09 million.

A summary of the report statistics under the main headings is in the table below.

The full Crime Report is available to EAST Members (National, Global and Associate)

EAST EGAP holds 13th Meeting in The Hague

The 13th meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Tuesday 3rd March 2020 in The Hague.

EAST EGAP is a European specialist expert forum for discussion of ATM and ATS related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The meeting was chaired by Mr Graham Mott of the LINK Scheme and was attended by key representatives from Law Enforcement, Terminal Deployers, ATM Networks and Security Equipment Vendors.  Europol gave a central assessment of the ATM physical attack situation in Europe and National Threat Assessments were shared by representatives from fifteen countries.

A presentation was given by ESTA, the Cash Management Companies Association and an update from the European Central Bank (ECB) was shared.

EAST EGAP, which meets twice each year, enables in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

50th EAST Meeting hosted by PSA in Vienna

The 50th EAST Meeting (National Members) was hosted by Payment Services Austria (PSA) in Vienna on 12th February 2020. The meeting was chaired by Martine Hemmerijckx of Worldline NV/SA, who co-founded EAST with Lachlan Gunn, EAST Executive Director, in 2004.

This was a milestone meeting and the last in the current format as, in June 2020, EAST will hold its 1st Global Congress.  In recognition of her work in founding and supporting EAST, and on behalf of the EAST Board and members, Lachlan presented Martine with an award.

National country crime updates were provided by 20 countries, and a global update by HSBC.  Topics covered included payment fraud and the continuing evolution of payment technology and related threats, terminal related fraud attacks, malware and logical attacks, and ATM related physical attacks.

The Criminal Intelligence Service Austria presented on the prevention of e-commerce fraud.  The European Cybercrime Centre (EC3) at Europol gave a presentation on forthcoming Europol activities for 2020, with a specific focus on Carding Action Week (CAW) .  This was followed by a presentation from the Gulf Cooperation Council Police (GCCPOL) that gave an update on payment and fraud issues seen by their 6 member countries.

Presentations were also given by the EAST Payments Task Force (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF).  An update was given by the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).

EAST Fraud Update 1-2020 will be produced later this month, based on the national country crime updates provided at the 50th EAST Meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

EAST FCS ATM Physical Attacks Seminar 2019

ATM Physical Attacks

ATM Physical AttacksAn EAST FCS ATM Physical Attacks Seminar was held on 9th October 2019 in London, co-located with RBRs ATM & Cyber Security 2019 Conference. The interactive event followed the basic structure of work group meetings held by the EAST Expert Group on ATM & ATS Physical Attacks (EGAP). This group, which meets twice a year, provides a platform for law enforcement and private sector experts to come together and share attack information, trends and statistics in a structured manner.

ATM Physical AttacksThe event was chaired by Sarah Staff of SaferCash.  EAST Executive Director Lachlan Gunn gave an overview of EAST and EGAP, highlighting new definitions produced by the group, before presenting the latest ATM Physical Attack Statistics from the H1 2019 European Payment Terminal Crime Report.

Miguel-Angel Villanueva-Guijarro of Europol then gave a high level view of the ATM physical attack situation across Europe and how Europol is structured to handle cross-border cases.  This was followed by threat assessments from Europe and South Africa:

  • France – Guillaume Bourez – OCLDI
  • Netherlands – Marc Wosten – Dutch National Police
  • Spain – Daniel Zorzo Lopez – Guardia Civil
  • South Africa – Gregory Singh – SABRIC
  • United Kingdom – Neil Smyth – Metropolitan Police Service

These were followed by a presentation on banknote infrared (IR) recognition by David Milner of EURICPA and Niels Riedel of the ECB.  This covered, from the perspective of the ECB, the current position with regard to how banknote sorting machines will detect banknotes with IR markers, as well as a look at the future.

ATM Physical AttacksThe event concluded with a Question and Answer session chaired by Sarah Staff and with Daniel Zorzo Lopez, Miguel-Angel Villanueva-Guijarro, Marc Wosten, Gregory Singh and David Milner on the Panel.

Attendance at the regular EAST EGAP work group meetings is limited and this event enabled active participation and input from a much wider pool of expertise.

More information on the event can be found on the EAST Events Website


2019 EAST FCS ATM Physical Attack Seminar Sponsors

 

 

 

EAST FCS – ATM Physical Attacks Seminar

EAST FCS - ATM Physical Attacks SeminarOpen Event: Delegate places are limited.  Early registration is advised. REGISTRATION IS NOW OPEN.

EAST FCS – ATM Physical Attacks Seminar 

This interactive event follows the basic structure of EAST EGAP Member meetings. An introduction to the Group will be followed by presentation of the latest EAST Physical Attack Statistics (H1 2019) and recent attack definitions, and a high-level overview of the European situation.  Then a session will focus on the ATM physical attack situation in five countries, which will be followed by a session on banknote infrared recognition.  The event will conclude with a Q&A session on all attack types and counter-measures.

Attendance at EAST EGAP meetings is limited, as it is a working group, and this event enables a wider participation and the opportunity for all attendees to engage with the Group and its organisers.

Want to attend the 2019 Event?  REGISTRATION IS NOW OPEN

See the EAST FCS 2019 Programme

Event Sponsors

 

 

 

 

Interested in being a sponsor for the 2019 event?  Contact our Events Team

ATM malware and logical attacks fall in Europe

EAST has just published a European Payment Terminal Crime Report covering the first six months of 2019 which reports that ATM malware and logical attacks continue to trend downwards.

ATM malware and logical attacks against ATMs were down 43% (from 61 to 35) and all bar one of the reported ‘jackpotting’ attacks are believed to have been unsuccessful. Malware was used for 3 of the attack attempts and the remainder were ‘black box’ attacks. Related losses were down 100% (from €0.25 million to €0.00 million), although a small loss (less than €1,000) was reported in one case.

EAST Executive Director Lachlan Gunn said, “This fall in logical and malware attacks is very good news and reflects the work that has been put into preventing such attacks by the industry and law enforcement. In January 2019, supported by our Expert Group on All Terminal Fraud (EGAF), Europol updated their ‘Guidance & recommendations regarding logical attacks on ATMs’, which was first published in 2015. These Guidelines, which have been widely shared with ATM deployers and law enforcement agencies, reinforce the recommendations made by the ATM vendors.”

Terminal related fraud attacks were up 59% (from 6,760 to 10,723 incidents). This increase was primarily due to an increase in transaction reversal fraud attacks (up from 2,292 to 5,649 incidents), while card skimming incidents fell to an all time low (down from 985 to 731 incidents). This downward trend reflects the success of EMV and that measures to counter skimming at terminals, along with geo-blocking, are working well in Europe.

Total losses of €124 million were reported, up 16% from the €107 million reported during the same period in 2018. This increase is primarily due to a rise in international losses due to card skimming (up from €87 million to €100 million), which indicates that EMV implementation is not yet complete globally with resultant risks for European cardholders. Losses due to transaction reversal fraud were up 135% (from €1.36 million to €3.2 million).

ATM related physical attacks were up 16% (from 2,046 to 2,376 incidents). Attacks due to ram raids and ATM burglary were up 3% (from 590 to 610 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were up 3% (from 490 to 503 incidents). Losses due to ATM related physical attacks were €11.4 million, a 25% decrease from the €15.1 million reported during the same period in 2018.

The average cash loss for a robbery is estimated at €15,140 per incident, the average cash loss per explosive or gas attack is €10,161 and the average cash loss for a ram raid or burglary attack is €9,632. These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.

A summary of the report statistics under the main headings is in the table below.

The full Crime Report is available to EAST Members (National and Associate)

49th EAST Meeting hosted by LINK in London

The 49th EAST Meeting (National Members) was hosted by the LINK Scheme in London on 8th October 2019. National country crime updates were provided by 20 countries, and a global update by HSBC.  Topics covered included payment fraud and the continuing evolution of payment technology and related threats, terminal related fraud attacks, malware and logical attacks, and ATM related physical attacks.

The European Cybercrime Centre (EC3) at Europol gave a presentation on the ‘Genesis’ dark web marketplace where cyber-criminals are selling digital fingerprints (bots).  This was followed by a presentation from the INTERPOL Financial Crimes unit on ATM and payment crime.

The Gulf Cooperation Council Police (GCCPOL) then shared an update on payment and fraud issues seen by their 6 member countries. In recognition of their first attendance at an EAST Meeting, GCCPOL representative Major Mohammed Khalid Alabsi presented the current Chair of EAST, Ms Veronica Borgogna (BANCOMAT SpA), with a mementoe of the occasion.  EAST Executive Director Lachlan Gunn said: “We are delighted to be strengthening our relationship with the GCC and the Arab States of the Gulf, another step forward in enhancing the global value of our National Member platform.”

Presentations were also given by the EAST Expert Group on All Terminal Fraud (EGAF) and the EAST Expert Group on ATM and ATS Physical Attacks (EGAP).  An update was given by the EAST Payments Task Force (EPTF).

EAST Fraud Update 3-2019 will be produced later this month, based on the national country crime updates provided at the 49th EAST Meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.