Earlier this week, masked robbers successfully stole more than $2 million from ATMs owned by Taiwan’s First Bank.
Interestingly, the criminals’ weapon of choice in the robbery appears to be malware.
According to Reuters, investigators identified three different types of malware that were used to trick ATMs into dispensing large amounts of cash. The suspects—who are believed to be Russian—used a “connected device” to gain control of the machines. Money was dispensed from at least 41 ATMs across Taiwan multiple times both at night and during the day.
"So far we think it could have been done remotely, such as via a cellphone, laptop or hacked First Bank staff PC,” stated Ministry of Justice Investigation Bureau spokesperson Cheng-hsien following the incident.
After the attack, First Bank, and several other financial institutions, suspended ATM withdrawals to prevent further incidents from happening. No further attacks have been reported. This was the first case in Taiwan where ATMs were targeted by hackers.
Business owners across the world, though, should take heed: If your business owns connected machines that store, distribute or collect money you must take action to protect them. The attack against First Bank will likely embolden the party responsible for the attack. Demand is likely to rise for the malware in question, and future attacks are likely.
While you can’t prevent attackers from targeting your devices, you can take measures to protect your endpoints from cybercrime. If your endpoints are vulnerable, hackers could exploit them and empty their contents.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.