Europol, Diebold Nixdorf to Share Information on Cyber Threats
18.11.2018 securityweek
BigBrothers

Europol on Friday announced that it has signed a cybersecurity-focused memorandum of understanding (MoU) with Diebold Nixdorf, one of the world’s largest providers of ATM and point-of-sale (PoS) services.

According to Europol, the goal is to create a safer cyberspace for individuals, businesses and governments through the sharing of knowledge on cyber threats and attacks, and by exchanging expertise, best practices and technical information.

Steven Wilson, head of Europol’s European Cybercrime Centre (EC3), believes the partnership with US-based Diebold Nixdorf will improve the law enforcement agency’s capabilities and effectiveness in preventing, disrupting and prosecuting cybercrime targeted at the self-service industry.

“As a company with a strong global presence, a working cooperation of this type between Europol and Diebold Nixdorf is the most effective way in which we can hope to secure cyberspace for European citizens and businesses. I am confident that the high level of expertise our industry partners bring with them are going to result in a significant benefit to our Europe-wide investigations,” Wilson said.

On the other hand, the financial and retail technology giant believes the partnership with Europol will help it better protect customers from cyber threats.

It’s not uncommon for Diebold Nixdorf ATMs to be targeted by malware. One example is CUTLET MAKER, a piece of malware that leverages a Diebold Nixdorf library file to help attackers with physical access to an ATM instruct the device to dispense all its banknotes in a type of attack known as ATM jackpotting.

A report from January claimed that Diebold Nixdorf had set out alerts to warn customers of ATM jackpotting attacks in the United States.

A study conducted recently by Positive Technologies showed that many ATMs can be hacked in minutes. The study targeted ATMs from various vendors, including Diebold Nixdorf, and found that a majority of the devices contain at least one type of vulnerability.