The FBI is warning banks that a large cyberattack is coming, and criminals are expected to exploit a vulnerability in ATMs to steal millions or billions of dollars over the next few days. According to the FBI, this attack is expected to be global in scale and could target any of a number of different banks.

“The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days,” reads the FBI alert.

The FBI first became aware of this possible attack when hackers started using it to target small banks around the world. The hackers uploaded malware to bank systems that allowed them to edit customer accounts at will, giving them the ability to withdraw effectively unlimited money from ATMs.

Since then, the FBI has issued a warning to multiple banks around the country, although the agency never notified the public directly. The security blog Krebs on Security recently published the text of the warning publicly.

"Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities,” said the FBI alert. “The FBI expects the ubiquity of this activity to continue or possibly increase in the near future."

The FBI warning also comes with several tips for banks to prevent them from being targeted, including limiting the number of administrative accounts, monitoring network traffic for vulnerable applications or encrypted traffic, and only allowing trusted applications to be installed on their networks.

Source: Krebs on Security

Headshot of Avery Thompson
Avery Thompson
twitter.com/physicallyavery