Europol publishes French language version of new ATM Logical Attack Guidelines

ATM LogicalEuropol has just published a French language version of the new guidelines to help industry and law enforcement counter the ATM Logical Attack threat.  The English version of the document was officially launched in January 2019 at the 17th Meeting of the EAST Expert Group on All Terminal Fraud (EAST EGAF)

The production of this document was coordinated by EAST EGAF.  It has three sections:

  1. Description of Modi Operandi (Description des Modes Opératoires)
  2. Mitigating the risk of ATM Logical and Malware Attacks, Setting up Lines of Defence (Réduction du risque d’Attaques Logiques et de Programmes Malveillants visant les DAB, Mise en place de Lignes de Défense)
  3. Identifying and responding  to Logical and Malware Attacks (Identification et réponse aux Attaques Logiques et de Logiciels Malveillants)

This new version provides clearer definitions and greater clarity of the criminal methods and techniques encountered in these attacks, and more detailed recommendations on how to mount a robust and effective response to them.

Circulation of the document is restricted to Law Enforcement and to the banking and payments industry, which includes EAST Members (National and Associate).

Terminal Physical Attack Definitions launched by 11th EAST EGAP Meeting at Europol

Physical AttackEAST has published new Terminal Physical Attack Definitions and Terminology to help industry and law enforcement when reporting attacks against ATMs and other terminals.  The document was officially launched at the 11th Meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EAST EGAP), which took place on Wednesday 6th March 2019 at Europol in The Hague.  Production of the document was coordinated by EAST EGAP.  The terminal types covered are broadly classified as:

  • ATM – Automated Teller Machine
  • ATS – Automated Teller Safe (also known as a Teller Cash Dispenser or TCD)

The aim is for these physical attack definitions and terminology to be adopted globally by the Industry and Law enforcement when describing or reporting physical attacks on terminals.  A copy of the document is available here.

11TH EAST EGAP Meeting

Advisory Group on Financial ServicesThe 11th Meeting was chaired by Mr Graham Mott of the LINK Scheme and was attended by key representatives from Terminal Deployers, ATM Networks, Security Equipment Vendors and Law Enforcement.  Europol gave a central assessment of the ATM physical attack situation in Europe and National Threat Assessments were shared by representatives from eighteen countries.

EAST EGAP is a European specialist expert forum for discussion of ATM and ATS related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).  The Group, which meets twice each year, enables in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

EAST EGAP meetings are restricted to working group members and, to provide a wider platform for sharing/discussion, the Group is holding a half-day open seminar in London on 9th October 2019.  Registration for this is now open and more information can be found on the EAST Events website.

EAST presents at EUCPN / Europol Conference on Prevention of ATM Physical Attacks

EAST Executive Director Lachlan Gunn, representing the EAST Expert Group on ATM and ATS Physical Attacks (EAST EGAP), presented at a conference on the prevention of ATM physical attacks co-organised by the European Crime Prevention Network (EUCPN) and Europol.  The event, attended by experts from law enforcement and the private sector, was held in Brussels on 22/23 January 2019.

ATM Physical AttacksThe focus of the conference was on the sharing of experiences, insights and best practices with a view to preventing these types of attack on ATMs.  Of particular concern were explosive gas and solid explosive attacks.  An overview of the current situation was built up and then in-depth workshops were held to consider ATM Physical Attack prevention before, during and after an attack.

As a result of the conference the EUCPN and Europol will prepare a paper on the most effective measures that can be used to prevent or deter ATM Physical attacks.

Europol launches new ATM Logical Attack Guidelines at 17th EAST EGAF Meeting

ATM Logical AttackEuropol has published new guidelines to help industry and law enforcement counter the ATM Logical Attack threat.  The document was officially launched at the 17th Meeting of the EAST Expert Group on All Terminal Fraud (EAST EGAF), which took place on Wednesday 16th January 2019 at ING Domestic Bank in Amsterdam.  Production of the document was coordinated by EAST EGAF.  It has three sections:

  1. Description of Modi Operandi
  2. Mitigating the risk of ATM Logical and Malware Attacks, Setting up Lines of Defence
  3. Identifying and responding  to Logical and Malware Attacks

The original Guidelines were published in 2015 when law enforcement and the private sector came together to support the banking and payments industry. That report, the first of its kind, provided vendor-neutral guidance on countermeasures to such attacks, as well as a collection of indicators that could be used to detect when an incident may have occurred.  This new version provides clearer definitions and greater clarity of the criminal methods and techniques encountered in these attacks, and more detailed recommendations on how to mount a robust and effective response to them.

Steven Wilson, Head of Business at Europol’s European Cybercrime Centre (EC3), said “This updated and refocused edition of the report draws upon the expertise of an expanded panel of experts from both law enforcement and the private sector. In addition to the key role played by EAST, I would like to extend my thanks to Diebold Nixdorf, GMV, ING, INTERPOL, NCR, TMD Security and Trend Micro for their invaluable work and contributions, without which this report would not be possible.  I continue to look forward to Europol’s engagement and cooperation with all of our partners within private industry and law enforcement in such endeavours, and our continuing fight against threats affecting the payment industry.”

Circulation of the document is restricted to Law Enforcement and to the banking and payments industry, which includes EAST Members (National and Associate).

17TH EAST EGAF Meeting

The 17th Meeting was chaired by Mr Otto de Jong and was attended by Europol and INTERPOL as well as by key representatives from Terminal Deployers, Terminal Vendors, Networks, Card Schemes, Security Equipment and Software Vendors and Forensic Analysts.

EAST EGAF is a regional expert group that focuses on regional and global payment terminal crime and fraud related issues, threats and counter-measures.  The Group, which meets three times a year in advance of each of the meetings of EAST National Members, enables in-depth and technical discussion to take place on Logical and Malware attacks, Card Skimming, Card Trapping, Cash Trapping and Transaction Reversal Fraud.

In addition EAST EGAF generates EAST Fraud Alerts for all EAST Members (National and Associate). In total 204 EAST Fraud Alerts have been issued, 3 to date in 2019.

EAST EGAF meetings are restricted to working group members and, to provide a wider platform for sharing/discussion, the Group is holding a half-day open seminar in London on 9th October 2019.  Registration for this is now open and more information can be found on the EAST Events website.

EPTF holds Fourth Meeting

EPTFThe Fourth Meeting of the EAST Payments Task Force (EPTF) took place on Thursday 22nd November 2018 at the Banking & Payments Federation Ireland (BPFI) in Dublin.

The EPTF is a specialist task force that discusses security issues affecting the payments industry and that gathers, collates and disseminates related information, trends and general statistics.  The EPTF has recently published Payment Fraud Terminology and Payment Fraud Definitions.  The aim is for the payment fraud terminology, and related payment fraud definitions, to be adopted globally when describing or reporting payment and transaction fraud.

The meeting was chaired by Mr Rui Carvalho, EAST Development Director, and was attended by key representatives from Card Issuers, Law Enforcement, Payment Processors, Payment Providers and Solution Providers.

Presentations or updates were given by BANCOMAT S.p.A, BPFI, Diebold Nixdorf,  EURO Kartensysteme GmbHEuropol, INTERPOL, PayLife, PayPal, Trend Micro, Visa Europe.

The Group, which meets twice a year, adds value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.  EAST National Members represent 35 countries and outputs from the group are presented to National Member Meetings.  There are 202 EAST Associate Member Organisations from 52 countries and territories.

EAST FCS ATM Physical Attacks Seminar 2018

An EAST FCS ATM Physical Attacks Seminar was held on 10th October 2018 in London, co-located with RBRs ATM & Cyber Security 2018 Conference.  The interactive and successful event followed the basic structure of work group meetings held by the EAST Expert Group on ATM & ATS Physical Attacks (EGAP).  This group, which meets twice a year, provides a platform for law enforcement and the private sector to come together and share attack information, trends and statistics in a structured manner.

An introduction to EGAP by the Chair, Graham Mott, was followed by a presentation by EAST Development Director Rui Carvalho, covering the latest EAST physical attack statistics from the H1 2018 European Payment Terminal Crime Report.  This highlighted that ATM related physical attacks were up 21% (from 1,696 to 2,046 incidents).  Attacks due to ram raids and ATM burglary were up 26% (from 470 to 590 incidents) and ATM explosive attacks (including explosive gas and solid explosive attacks) were up 2% (from 481 to 490 incidents).  Losses due to ATM related physical attacks were €15.1 million, a 24% increase from the €12.2 million reported during the same period in 2017.

Gertjan Kaijen of Europol then gave a high level view of the ATM Physical attack situation across Europe which was followed by national law enforcement updates from the following countries:

  • France – by Gilles Weintz of the Gendarmerie Nationale
  • Netherlands – by Niels Uljee of the Dutch Police
  • Portugal – by Bruno Sergio Nobre Viegas of the Policia de Seguranca Publica
  • Spain – by Daniel Zorzo Lopez of the Guardia Civil
  • UK – by Neil Smyth of the Metropolitan Police Service

These were followed by a talk from Marco Spoldi of MIB on the Italian experience of ATM Physical attacks, sharing what has been done in Italy to counter them.

ATM physical attacksThe Seminar concluded with a Question and Answer session chaired by Graham Mott and with Rui Carvalho, Gertjan Kaijen, Bruno Ricardo (Feerica), Daniel Zorzo Lopez and Adrian Roberts (West Midlands Police) on the Panel.

Attendance at the regular EAST EGAP work group meetings is limited and this event enabled active participation and input from a much wider pool of expertise.  Due to the positive response received from delegates, this ATM Physical Attacks Seminar is expected to be repeated in 2019.

More information on the event, which was sponsored by Feerica and Lockpoint, can be found on the EAST Events Website


2018 EAST FCS ATM Physical Attack Seminar Sponsors

 

EAST joins Europol’s Advisory Group on Financial Services

EAST Development Director Rui Carvalho will represent EAST at Europol’s Advisory Group on Financial Services, an advisory group to the Programme Board of the European Cybercrime Centre (EC3).  In the context of the cross-border fight against cybercrime the purpose of the advisory group is to:

  • bring knowledge and expertise to the Programme Board on the impact of cybercrime on financial services and on how this sector and law enforcement can cooperate in the prevention and combating of cybercrime;
  • update and share all relevant information and expertise on developments in the area of cybercrime that affect financial services;
  • assist the Programme Board in defining priorities for the work of EC3 in this area, including by advising on the cooperation with the financial services and on developing concepts for enhanced prevention;
  • advise the Programme Board on increasing the sharing/exchange of information between law enforcement and financial services.

EAST has worked closely with Europol since 2004 and in 2015 Europol and EAST signed a Memorandum of Understanding to further strengthen the partnership.

EAST Executive Director Lachlan Gunn said: “I am delighted that EAST can support Europol in the Advisory Group on Financial Services, a further development of our strategic partnership.  Since 2015, and in addition to the normal operation of our National Member and Expert Group meetings, EAST has supported Europol at five strategic payment card fraud meetings in Asia, most recently in May in Vietnam, and also at similar meetings in The Hague and in Colombia.  We have also presented at three Europol Trainings on Payment Card Fraud Forensics, most recently in June at the Spanish National Police Academy.” 

EAST EGAP holds 10th Meeting in The Hague

The tenth meeting of the EAST Expert Group on ATM and ATS Physical Attacks (EGAP) took place on Tuesday 4th September 2018 in The Hague.

EAST EGAP is a European specialist expert forum for discussion of ATM and ATS related physical attack trends, attack methodologies and counter-measures, threat protection, and for the provision of regularly updated lists of manufacturers of ATM protective devices. The latest lists can be downloaded from the ‘Stained Banknotes’ page on this website (bottom of page).

The meeting was chaired by Mr Graham Mott of the LINK Scheme and was attended by key representatives from Terminal Deployers, ATM Networks, Security Equipment Vendors and Law Enforcement.  Europol gave a central assessment of the ATM physical attack situation in Europe and National Threat Assessments were shared by representatives from twelve countries.

EAST EGAP, which meets twice each year, enables in-depth and technical discussion to take place. The areas covered include:

  • The latest incidents and criminal MOs
  • The collection and distribution of best practice guidelines
  • The evolution of threats and counter-measures
  • Lessons from and on law enforcement

EAST EGAP meetings are restricted to working group members and, to provide a wider platform for sharing/discussion, the Group is holding a half-day open seminar in London on 10th October 2018.  Registration for this is now open and more information can be found on the EAST Events website.

ATEFI signs Strategic Agreement with AMERIPOL

The Latin American Association of Operators Electronic Funds Transfer and Information Services (ATEFI) has signed an Agreement of Understanding and Mutual Cooperation with The Police Community of the Americas (AMERIPOL). This public-private sector Agreement, signed in in Buenos Aires (Argentina), enables ATEFI and AMERIPOL, through collaboration and mutual professional training, to carry out preventive and investigative actions through forensic analysis of fraud and cybercrime cases.

In May 2016 EAST and ATEFI joined forces to to further strengthen inter-regional cooperation in combating all types of payment crime including payment card fraud, hi-tech crime and ATM cyber and physical attacks and in October 2015 EAST participated in a two-day meeting  in Bogota (Colombia) to discuss payment card fraud overseas and money withdrawals in Latin America.  This meeting, attended by AMERIPOL, was organised by Europol in cooperation with the Colombian authorities (Policia Nacional and its Liaison Bureau at Europol) with the financial support of the Romanian authorities.

This new public-private sector initiative in Latin America is welcomed by the industry in Europe as another step forward in global efforts to tackle transnational payment fraud and financial crime.  EAST has worked with Europol since 2004, a partnership that was strengthened in June 2015 by the signing of a Memorandum of Understanding (MoU), and in June 2017 EAST and ASEANAPOL formalised collaboration.  ASEANAPOL is the National Police organisation for the Association of Southeast Asian Nations (ASEAN).

EAST presents at Europol Training on Payment Card Fraud Forensics

card fraud forensics trainingOn 26 June 2018 EAST Development Director Rui Carvalho presented at the fourth edition of the Europol Training Course on Payment Card Fraud Forensics and Investigations at the Spanish National Police Academy in Ávila, Spain. His talk gave an overview of EAST and covered terminal and payment fraud in Europe from the perspective of the private sector.

The Europol training, which ran from 25 to 29 June 2018, covered a wide range of topics including cryptocurrencies, ATM malware, forensic tools for the examination of skimming equipment, Near Field Communication (NFC) technology, EU regulation in non-cash payment, and data breaches or cyber attacks.

The training course was attended by 74 Investigators, forensic experts, and future police officers from 27 countries in the European Union, as well as from Iceland, Gibraltar, Montenegro, Moldova, Canada, Ukraine and South Korea.  Presentations were given by 33 speakers from different law enforcement agencies, the European Commission, Europol and bodies from the private sector (including EAST) and academia.  Since the first training in 2015 over 200 international students have benefited from the training programme, which has been supported by EAST.