3rd EAST FCS Forum – the most successful yet!

EAST FCS ForumThe sun has set on another successful EAST Financial Crime & Security (FCS) Forum which was held for the second time at the Grand Hotel Amrâth Kurhaus, in Scheveningen, The Hague. Feedback from delegates has been hugely positive.  This year marked a new format which included plenary sessions covering expert information from global regions: Asia-Pacific (ASEAN), Latin America, USA, Russia and Europe. 19 expert speakers travelled from 14 countries around the world to share their knowledge of ATM crime prevention.

In addition an afternoon of breakout sessions was held covering topics related to ATM and payment terminal fraud, and to ATM physical attacks.

Networking opportunities were abundant – a welcome cocktail the evening before the event, ensured all delegates were comfortable to kick off the Forum having met with their peers in a relaxed environment. Exhibitors enjoyed increased traffic through the exhibition hall, giving demos to attendees during coffee breaks, lunch and demonstration sessions.

 

Day One of the EAST FCS Forum opened with keynote speaker Steven Wilson, Head of the Europol Cyber Crime Centre (EC3) who spoke about the multi-faceted approach to countering cybercrime and the success of public private partnerships, especially the cooperation between EC3, non-EU States and EAST members.

Lachlan Gunn, Executive Director EAST, provided relevant statistics from the EAST European ATM Crime Report. He also announced a name change for EAST which is now the European Association for Secure Transactions. A milestone for EAST which has mainly focused on issues facing the ATM industry thus far, but which will now look at all threats against payment terminals (ATM, SST and POS), as well the security of payments and transactions.

Lachlan was followed by presenters from ASEANAPOL, the US Secret Service, the Russian Mastercard Members Association, and from the Latin American Association of Operators Electronic Funds Transfer and Information Services (ATEFI), who all gave the audience the most current information on activity in their regions.

In the afternoon breakout sessions Otto de Jong, EAST EGAF Chair, led discussions which covered R&D by fraudsters on EMV and old school ATM Fraud, and Graham Mott, EAST EGAP Chair, facilitated discussions on banknote degradation, physical attack types and countermeasures and traditional attacks.

The day closed out nicely with a BBQ by the beach!

Day Two kicked off with Group-IB providing an overview on the evolution of logical attacks on financial institutions. This was followed by a case study on Black Box attacks from NCR Czech Republic and an update from ING Netherlands on the evolution of gas and solid explosive attacks. There was a case study on countering such explosive attacks from the UK’s West Midlands Regional Organised Crime Unit, and the final talk of the day came from Rui Carvalho, Development Director EAST, who is building the EAST Payments Task Force and provided an overview on current and future activities for EAST.

In her closing address, conference Chairman Úna Dillon, Development Director of EAST, summarised the two-day conference by noting the importance of cross-border public-private sector cooperation in the fight against financial crime – stressing the need for private sector industry stakeholders to collaborate with law-enforcement agencies. She added that whilst EAST delivered the conference, the people charged with building the event are also deeply involved in the collaborative work already going on. Their ‘on-the-ground’ involvement means the EAST FCS Forum agenda will always be relevant and current.

This 3rd EAST FCS Forum has proven to be a successful platform in bringing together the perfect mix of banking representatives, security experts, law enforcement, payments associations, government agencies and many other stakeholders in the ATM and payment crime prevention sector  –  the dialogue and learning from  across Europe, the USA, Latin America, Russia and Asia-Pacific will no doubt help all participants to better detect and prevent current and future financial crime threats.

The event could not have taken place without the support of sponsors, exhibitors, speakers and delegates. EAST hugely appreciates the participation of all who took part and thanks everyone for their contribution to making the event a success.

Overall sponsor of the EAST FCS Forum 2017 was 3SI Security Systems.

Other sponsors and exhibitors included, the ATM Security Association, ACG, BVK, GMV, MIB, Startech Ltd. and TMD Security.

27 arrested in connection with ATM Black Box attacks

ATM Black Box attackEuropol has announced that 27 arrests have been made across Europe in connection with ATM Black Box attacks.  This success is due to actions taken by a number of EU Member States and Norway, supported by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT).  The arrests were made in the Czech Republic, Estonia, France, the Netherlands, Romania, Spain and Norway.  Most of the arrests took place in 2016 and 2017 with the most recent in Spain this month.  The criminals involved with ATM Black Box attacks mainly originate from Romania, Moldova, Russia and Ukraine.

Since ATM Black Box attacks first started in Western Europe EAST has produced 19 Black Box related ATM Fraud Alerts from the following countries:  Cyprus, Czech Republic, France, Greece, Ireland, Italy, the Netherlands, Norway, Romania, Russia, Spain, Turkey, Ukraine, the United Kingdom.  These Alerts are available to EAST members and to Law Enforcement.  To date 142 Alerts have been issued. In a recently published European ATM Crime Report covering 2016, EAST reported a 287% increase in ATM Black Box attacks, up from 15 attacks in 2015 to 58 attacks in 2016.  EAST works closely with Europol and other law enforcement agencies to help counter financial crime.

Read the full announcement from Europol here.

An ATM Black Box case study from the Czech Republic will be presented at EAST’s 3rd Global Financial Crime and Security (FCS) Forum on 9th June 2017 following on from a presentation by Group-IB on the Evolution of Logical Attacks on Financial Institutions. Steven Wilson, Head of Europol’s European Cybercrime Centre, will give the Keynote Address.  The event will be held in the Netherlands at the Grand Hotel Amrâth Kurhaus (see below) in Scheveningen, the popular seaside resort which is located in The Hague.  Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

Evolution of Logical Attacks on Financial Institutions

logical attacks - black boxLogical attacks on ATMs are on the increase in Europe and in many other parts of the world.  In a report covering 2016 EAST reported 58 black box (or ‘cash out’) attacks in Europe, a rise of 287 percent compared to 2015.  ATM related malware is also a growing problem and, while Europe has been largely unaffected by this, in other parts of the world there have been some significant attacks.  In order to perpetrate such attacks the criminals are looking to get inside the networks of financial institutions and then to start an attack from within.

At the upcoming EAST Financial Crime & Security Forum (EAST FCS 2017) Tim Bobak of Group-IB, an organisation that specialises in preventing and investigating high-tech crimes and online fraud, will talk about global developments in ATM related theft – tactics, techniques and procedures – alongside new trends in attacks on card processing and payment systems.

About Tim Bobak

Tim Bobak moved to Moscow in 2012 from the UK. Before joining Group-IB, the leading source of threat intelligence from the former USSR and Eastern Europe, Tim worked investigating fraud and financial crime in Russian business.  Currently, Tim works with the forensic lab and analyst team at Group-IB to share Russian-speaking cyber threat intelligence worldwide.

Who Is Attending?

Over 150 delegates will attend EAST FCS 2017 from ATM networks, banks, law enforcement, vendors, and EAST national and associate members.

Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

There are some sponsor and exhibitor slots still available so, if you are in the business of ATM crime and fraud prevention and wish to take a space alongside a key audience, contact us.

Have you secured your Hotel room for EAST FCS 2017? Only 30 rooms left

The EAST Financial Crime and Security Forum (EAST FCS 2017) will take place on 8th/9th June 2017 at the magnificent Grand Hotel Amrâth Kurhaus, one of the most important landmarks in The Hague.

Kurhaus Hotel EAST FCS 2017

The Hotel is located at the beating heart of The Hague and dates back almost 200 years, to the year 1818, when Jacob Pronk opened a bathing establishment. The modestly sized wooden building had four rooms, each fitted with a bath tub.  These tubs were filled with cold or heated seawater, bathing in these tubs was said to have a healing effect.  Those with a more adventurous spirit could also opt for a more direct treatment.  Pronk owned two carriages that were used to drive guests into the breakers.

The bathing resort was so successful, that in 1826 it was replaced by a stone building, this bathing house was owned by the local government. Here, guests could find hotel rooms, a library, a billiards room, dining rooms and bathing facilities.

EAST FCS 2017 has secured limited accommodation for those attending the event in June.  Only 30 rooms remain at the preferential conference rate.  If you are planning to attend sign up now to secure your room.

Who is attending?

The conference will have over 150 delegates, responsible for ATM security strategy, fraud prevention, security and generally anyone with an interest in improving their overall understanding of ATM and Payment Card fraud and countermeasures including:

  • EAST National Members
  • EAST Associate Members
  • Law Enforcement & Intelligence Services
  • Banks and ATM Deployers
  • Payment Service Providers, Transaction Processors, Card Brands
  • ATM & security equipment manufacturers and vendors
  • Other stakeholders

Benefits of Attending

  • A unique opportunity to hear about the latest threats and other intelligence from Europe, Russia, the United States, Latin America and Asia-Pacific.
  • An agenda set by ATM and terminal deployers.
  • A structured way to gain practical knowledge of what is being done to combat emerging threats. In addition to focus in the main plenary session on the key threats (for both ATM related fraud and ATM related physical attacks) identified by EAST there will be two concurrent breakout sessions:
  • This is the only event of its kind in Europe. A unique opportunity to network with peers and share experiences.

Book now to ensure you don’t miss this great opportunity to attend what has already been hailed as an “excellent event for helping to make a difference in the area of financial crime prevention”.

ATM Black Box Attacks spread across Europe

EAST ATM Crime Report 2016 - ATM black box attacks increaseIn a European ATM Crime Report covering 2016 EAST has reported that ATM black box attacks were up 287% when compared to 2015.

A total of 58 such attacks were reported by ten countries, up from 15 attacks during 2015.  ‘Black Box’ is the connection of an unauthorised device which sends dispense commands directly to the ATM cash dispenser in order to ‘cash-out’ the ATM.  Related losses were down 39%, from €0.74 million to €0.45 million.

EAST Executive Director Lachlan Gunn said, “While the rise in ATM black box attacks is a concern, we are pleased to note that many of these attacks were not successful.  In 2015, to help the industry counter such attacks, our EAST Expert Group on ATM Fraud (EGAF) worked with Europol to produce a document entitled ‘Guidance & recommendations regarding logical attacks on ATMs’.  At our third global Financial Crime & Security (FCS) Forum, which will be held in The Hague on 8th/9th June 2017, EAST EGAF will lead a proactive breakout session during which black box attacks will be discussed.”

ATM related fraud attacks increased by 26%, up from 18,738 in 2015 to 23,588 in 2016.  This rise was mainly driven by a 147% increase in Transaction Reversal Fraud (up from 5,104 to 12,581 incidents).  The downward trend for card skimming continues with 3,315 card skimming incidents reported, down 20% from 4,131 in 2015.  This is the lowest number of skimming incidents reported since 2005.

Losses due to ATM related fraud attacks were up 2% when compared with 2015 (up from €327 million to €332 million).  The Asia-Pacific region and the USA are where the majority of such losses were reported.  Domestic skimming losses rose 24% over the same period (up from €44 million to €53 million).

ATM related physical attacks rose 12% when compared with 2015 (up from 2,657 to 2,974 incidents).  Within this total ATM explosive attacks (including explosive gas and solid explosive attacks) were up 47% from the previous year (up from 673 to 988 incidents).  Losses due to ATM related physical attacks were €49 million, unchanged from the previous year.

The average cash loss for a ram raid or burglary attack is estimated at €14,890, the average cash loss per explosive attack is €17,403 and the average cash loss for a robbery is €20,293.  These figures do not take into account collateral damage to equipment or buildings, which can be significant and often exceeds the value of the cash lost in successful attacks.

A summary of the report statistics under the main headings is in the table below:

European ATM Crime Statistics Summary

The full Crime Report is available to EAST Members (National and Associate).

The Evolution of ATM Explosive Attacks (Gas and Solid Explosive)

ATM Explosive attacksExplosive attacks on ATMs are a rising problem in Europe and in many other parts of the world.  In a report covering the first six months of 2016 EAST reported a total of 492 explosive attacks in Europe, a rise of 80 percent compared to the same period in 2015.  Such attacks do not just present a financial risk due to stolen cash, but also are the cause of significant collateral damage to equipment and buildings.  Of most concern is the fact that lives can also be put in danger, particularly by the usage of solid explosives.  Over the past few years the Netherlands has been particularly hard hit by such attacks.

At the upcoming EAST Financial Crime & Security Forum (EAST FCS 2017) Job Galesloot, Security Officer ING Domestic Banking, will share the Dutch experience and also how neighbouring countries have been impacted.

About Job Galesloot

Job is a specialist in physical crimes against ING Bank branches. His main concerns are explosive gas attacks on ATMs, physical attacks on the bank’s branches and physical or verbal aggression against branch staff.  Since 2015 he is the Physical Security Officer for ING Domestic Banking. Responsible for threat analysis, trend monitoring and development of countermeasures. In 2016 Job chaired the Dutch Banking Association Expert Pool IBNS which tested several IBNS systems. IBNS stands for Intelligent Banknote Neutralisation Systems.

Who Is Attending?

Over 150 delegates will attend from ATM networks, banks, law enforcement, vendors, and EAST national and associate members.

Book soon to ensure you don’t miss this great opportunity to attend what has been described as an “excellent event for helping to make a difference in the area of financial crime prevention”.

There are some sponsor and exhibitor slots still available so, if you are in the business of ATM crime prevention and wish to take a space alongside a key audience, see our Sponsorship Brochure for details.

What’s new at EAST FCS 2017?

EAST FCS 2017

This year’s EAST Financial Crime & Security Forum (EAST FCS 2017) offers a new format, to facilitate better discussion with peers and a greater number of networking opportunities.  There is an exciting and targeted agenda this year which includes some of the world’s best experts in ATM operations and crime prevention.  In addition to the plenary sessions on the main stage, two workshops on key topics relating to ATM physical attacks and general ATM fraud have been added.

One workshop will be led by Otto de Jong, Chairman of the EAST Expert Group on ATM Fraud (EGAF), which includes round table discussions and expert speakers on subjects such as ‘Cash out Attacks’ (including Black Box attacks) and ‘ATM Fraud The Next Stage’. The other workshop will be led by Graham Mott, Chairman of the EAST Expert Group on ATM Physical Attacks (EGAP), and will cover ‘Traditional Attacks’, ‘Current Physical Attack Types’, ‘Counter-measures’ and ‘Banknote Degradation’.  Running concurrently, the workshops will be interactive and participation is encouraged.

EAST FCS NetworkingA key part to any specialist event is networking. For the EAST FCS Forum in June, we have organised welcome cocktails (Wednesday 7th June) and a ‘BBQ by the Beach’ (Thursday 8th June) at the Grand Hotel Amrâth Kurhaus.  There will also be more networking breaks throughout the event to ensure the best opportunities to meet with industry peers and to discuss specific goals and needs.

Book soon to ensure you don’t miss your opportunity to attend the event.

41st EAST Meeting hosted by Bits AS in Norway

EAST National Members - badgeThe 41st Meeting of EAST National Members was hosted by Bits AS in Oslo, Norway on 8th February 2017.  National country crime updates were provided by 24 countries, and a global update by HSBC. Europol, the Norwegian Police and the Bundeskriminalamt (BKA) attended the meeting.

EAST Fraud Update 1-2017 will be produced later this month, based on the updates provided at the meeting.  EAST Fraud Updates are available on the EAST Website to EAST Members.

The 42nd Meeting of EAST National Members will be held on 7th June 2017 in The Hague.  This will be immediately followed by the 3rd EAST Financial Crime & Security (FCS) Forum on 8th/9th June 2017, also in The Hague.  While this is an open event, places are limited.  Interested? Check out the Agenda and register now to secure your place.

Head of EC3 will give Keynote Address at EAST FCS 2017

Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3) will give the keynote address at the EAST Financial Crime and Security Forum (EAST FCS 2017) which will be held in The Hague on 8th/9th June 2017.

Europol set up EC3 in 2013 to strengthen the law enforcement response to cybercrime in the EU and thus to help protect European citizens, businesses and governments from online crime.

Cybercrime is a wide and varied problem and the EC3 is a key part of Europol’s, and the EU’s, response.  EC3 takes a three-pronged approach to the fight against cybercrime: forensics, strategy and operations.

EC3 recognises the severity of the threat presented by ATM logical and malware attacks and has prepared security guidelines regarding this new cyber threat to ATMs.  The production of this document was coordinated by the EAST Expert Group on ATM Fraud (EGAF), and is the first of its kind.  Versions are now available in English, German, Italian and Spanish.

Europol is actively developing international cooperation on combating payment fraud, which is one of the EU priorities within the EU Policy Cycle 2014-2017 for organised crime and serious international crime as endorsed by the Council of the EU.  As part of this EC3 has consistently undertaken a proactive approach, assisting EU law enforcement authorities (LEAs) to combat payment card fraud.  On 13th / 14th December 2016, EC3, together with ASEANAPOL and INTERPOL, and with the support of the Romanian National Police and the Royal Thai Police, organised the Third Strategic Meeting on Payment Card Fraud (PCF) in Bangkok Thailand.

Speaker Spotlight

Steven Wilson - EAST FCS 2017

In January 2016 Steven Wilson became the Head of EC3.

Prior to that he served for 30 years with Police Scotland, which included roles with Strathclyde Police, Scottish Crime and Drug Enforcement Agency and Her Majesty’s Inspectorate of Constabulary.  He has worked in a wide range of Senior Detective roles including major investigations, counter terrorism, covert policing, management of sex offenders, fugitives and witness protection.  He had responsibility for all aspects of cyber and cyber enabled crime in Scotland and sat on government, industry and academic groups.  He also represented Scotland on UK national and European cyber groups.

Book soon to ensure you don’t miss your opportunity to attend the event. Places are limited and registration priority will be given to EAST Members, National and Associate.  The early-bird registration discount will expire on Monday 16th January 2017.