FFIEC Warns Banks of Cyberattacks on ATMs and DDOS Attacks

FFIEC issues cyberattack warning

The Federal Financial Institutions Examination Council (FFIEC) is warning financial institutions that their automated teller machines (ATMs) might be targeted by cybercriminals. In addition, the regulator is also warning banks about distributed denial-of-service (DDOS) attacks on their websites.

The organization has published advisories for both types of attacks. They describe the steps that need to be taken to prevent such incidents.

FFIEC warns that cybercriminals are increasingly targeting the web-based ATM control panels used mainly by small and medium-sized financial institutions. The regulator wants companies not only to take measures to prevent such attacks, but it also wants them to implement incident response programs.

According to the LA Times, ATM attacks rely on a piece of malware designed to obtain the online ATM control panel login credentials from employees. Once they gain access to these control panels, cybercriminals can change the amount of money that customers can withdraw, geographic usage limits, and they can even tamper with fraud reporting mechanisms.

After everything is configured in the ATM control panel, the crooks create fraudulent cards with information stolen through separate attacks.

As far as DDOS attacks are concerned, FFIEC says that institutions should include DDOS readiness in their information security and incident plans. Organizations should monitor traffic to their websites and activate the response plan if DDOS traffic is identified.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s