American bank robber Willie Sutton once said he robbed banks “because that’s where the money is.”
Today, Mr. Sutton would have been ecstatic about the criminal possibilities beyond traditional banks. In keeping with his “because that’s where the money is” mission, ATMs and point-of-sales (POS) devices would be high on his list of potential targets.
At Netop, we’re fortunate to work with several of the world’s largest ATM manufacturers and we know firsthand the emphasis on security these organizations and their financial customers place in protecting ATMs. Still, there are vulnerabilities that can be exploited.
Case in point: in New York earlier this year, eight people were arrested in connection with an ATM hacking scheme involving withdrawals in 20 different countries. One of the attacks resulted in the theft of $45 million over the course of a few hours – more than 20 times what Mr. Sutton reportedly stole in his entire 40-year career.
Though they don’t yield as much cash as ATMs, POS devices process something far more lucrative (i.e. credit cards). As such, they are increasingly targeted by hackers.
From 2008 to 2011, 150 Subway restaurant franchises were exploited by a remote software weakness. Last March, a St. Louis-based grocery store chain announced that “malicious computer code” had captured details of customer credit and debit cards. And in 2012, Barnes & Noble confirmed a breach that affected 63 of its store locations.
Today, a thief like Mr. Sutton would operate in the shadows, conduct nefarious activities remotely and target embedded devices. Unfortunately, for every Willie Sutton that lived in the 1930s and 1940s, there are now countless criminals, across all geographies, looking to exploit any opportunity they can find.
How prepared is your company to protect itself against today’s modern thieves?