Best practices to protect your ATMs from jackpotting
We’ve recently been notified of Man-In-The-Middle attacks that have resulted in attackers jackpotting ATMs. The most recent attacks are connected to unsecure Remote Monitoring Systems (RMS). Still under investigation, these attacks occurred in Pennsylvania and it is believed the attackers are still active, and additional attacks are possible.
How to protect your ATMs from these attacks
If you operate your own RMS program, we recommend you perform the following changes immediately:
- Change All RMS & Remote Passwords and double check that passwords are not set to default values.
- Do Not Allow Remote Access to Your RMS Server. If limiting access is not possible, use dual-authentication and make sure each user has their own login.