ATM Malware Protection

Escalating ATM Threat Landscape

Automated Teller Machine (ATM) systems are projected
to grow from 2 million to over 4 million worldwide by
2020, per industry analysts. This increases the risk for
banks and financial institutions to suffer financial and
reputation damage from the escalation of sophisticated
cybersecurity threats. The majority of breaches now
involve fileless malware (53% according to the 2016
Verizon Data Breach Report) and other undetectable
attacks. The attackers leverage Windows PowerShell to
load the malware directly into memory rather than
writing it to the disk. These attacks are typically
undetectable by next generation anti-virus,
machine-learning tools, endpoint detection and
response (EDR), breach detection systems (BDS),
whitelisting, and other conventional means that rely on
signatures, frequent updates, and constant monitoring.
Most conventional protection methods are not
compatible with legacy ATMs running older operating
systems that cannot be upgraded and do not have the
capability to support the large overhead inherent in
most detection and response protections.
Our Solution
AppGuard software has demonstrated the ability to
prevent endpoint breaches undetectable by other
conventional protection methods. It disrupts malware
attacks at the earliest stages, stopping breach attempts
before a compromise can occur, without requiring
detection, scanning, or updates. It is compatible with
Windows XP SP3 through Windows 10, mitigating risks
for new generation and legacy ATM systems. AppGuard
features include:
• Prevents unauthorized scripts or malware from
executing a first-stage attack on the ATM or
running malware from a USB device or CD-ROM
used for maintenance.
• Does not rely on scanning, detection, or signature
identification to provide protection, thus reducing
system overhead.
• Always protects without requiring updates or
patches, reducing risks from ATM system
maintenance delays.
Versatile, Scalable, Manageable.
AppGuard is recognized by prominent industry
analysts as the leading next generation endpoint
protection. It works to prevent unauthorized ATM
intrusions from any malware-based attack. Existing
enterprise System Management tools can be used to
distribute the software and collect AppGuard Event
logs from the ATM Windows Event Viewer. Default
policies are simple to manage and incorporate the
ever-changing vendor images.
Conclusion
AppGuard provides breakthrough capability to
protect against advanced threats undetectable by
other conventional cybersecurity approaches. It is
engineered to deliver an effective, compatible,
scalable, and affordable cybersecurity defense to
address even unknown and undetectable threats to
prevent breaches now and in the future.
 A new family of malware known as WinPot
is using a slot machine-like interface to
empty ATMs at targeted financial
institutions.
- SecurityIntelligence

Hackers used phishing emails to ATMitch operates by reading commands

break into a Virginia bank in two contained within a local text file labeled
separate cyber intrusions over an command.txt. The commands are simple,
eight-month period, making off one-letter characters such as ‘O’ for open
with more than $2.4 million total. dispenser, ‘D’ for dispense, and ‘E’ for Exit. Once
- Krebs on Security an ATM is infected, threat actors can upload
specific instructions to the command.txt file.
- NJCCIC

“AppGuard has a completely new method “AppGuard should be�on every Windows�
for delivering threat protection and breach system in the world.”
prevention. I'm a true believer, and that's - Robert Bigman, former CISO, CIA
why I've joined the AppGuard team.”
- Hiro Higuma, Former President of Symantec
Japan, Current Chief Strategy Officer, AppGuard

sales@blueridgenetworks.com
1-800-722-1168
BlueRidgeNetworks.com
linkedin.com/company/blue-ridge-networks
@BlueRidge
©2018 Blue Ridge
Robust Networks.
by Default: All Rights
Trust-Based Reserved. Network Segmentation
Autonomous 4