Who needs complicated malware when you have dynamite

Oct 16, 2016 21:50 GMT  ·  By

Criminals like to use explosives to break into ATMs, rather than deploy malware, a recent European ATM Security Team (EAST) report has shown.

The agency says that criminal groups have used explosives to break into ATMs in 492 different incidents in the first half of 2016, up from only 273 in the same period of 2015.

This number includes both gas and solid-based explosives and is representative to an ecosystem that has invested in securing devices and software to prevent skimming and malware attacks.

The trend is also an indication that there are many criminal gangs operating inside Europe that don't have the technical capabilities to deploy and run skimming or malware-based operations.

ATM "explosive attacks" cause collateral damage

"This rise in explosive attacks is of great concern to the industry in Europe as such attacks create a significant amount of collateral damage to equipment and buildings as well as a risk to life," said EAST Executive Director Lachlan Gunn.

The report also highlights a rise in other physical attacks, such as ram raids (using battering rams or driving a car into an ATM, building, or wall).

The average loss per incident is €17,327 for ram raids, €20,017 for robbery attacks, and only €16,631 for explosive attacks. But as Gunn said, this number only includes the stolen funds and not the damages done to surroundings, which for explosive attacks is quite large.

According to EAST, physical attacks overall have gone up to 1,604 incidents in H1 2016, compared to only 1,232 in the first half of 2015.

Total losses attributed to physical attacks were of €27 million, up 3 percent from H1 2015, when the agency reported losses of €26.3 million.

Most losses came from ATM skimming and ATM malware attacks

Nevertheless, fraud attacks such as ATM skimming, ATM malware, and transaction reversals remained the top threat for the banking sector. EAST says that ATM fraud attacks, in general, grew 28 percent, from 8,421 incidents in H1 2015 to 10,820 incidents in H1 2016.

The agency recorded the highest rise for transaction reversal attacks, which increased 281 percent, from 1,270 incidents to 4,840.

ATM skimming and ATM malware have remained the popular choice for ATM fraud attacks. Cases that often get the most press headlines are so-called "cash out attacks," where crooks use ATM malware to "cash out" the entire machine.

EAST reports that these aren't that common, with only 28 incidents recorded in the first half of the year, up from 5 in the first half of 2015. Actual financial losses from these incidents were of only €0.4 million.

Total losses from ATM fraud attacks, including malware and skimming, amounted to €174 million, up 12 percent from €156 million in the first half of 2015. The full EAST report is available below.