How is an ATM secure?
I'm curious why an ATM computer is considered secure. The general adage of "If an attacker has physical access to my machine, all bets are off," seems to not apply in this circumstance (since everyone has physical access to the machine). Why is this?
I thought of the fact that many have security cameras placed over them, but this doesn't seem sufficient to keep ATMs secure, as there is no one constantly watching the camera feed and looking for suspicious behaviour. The most this could be used for is identifying an attacker after an attack has been attempted. It seems like this is fairly easily solved through plain clothes, a mask, gloves, etc.
So if this alone isn't or shouldn't be enough of a deterrent, why do we not see ATMs getting hacked for all their cash at 4:00am? What makes the device so secure? Is it just a simple risk-reward analysis, where the cash in the ATM isn't worth the effort of the hack? Or is there more to it which makes the computer secure?
The answer to - how is an ATM secure is that -
An ATM is secure in the same way all physical security works: your house door lock or a bank vault. It's not "impenetrable to everything", it's just not penetrable in a time allowing to grab the loot and escape. Indeed it is simple risk-reward analysis. A house in a "nice neighbourhood" can do with weak locks, because it's very likely that someone will notice, call the police and they'll arrive in a short time. On the other hand, in "bad neighbourhoods" you often see reinforced doors, because burglars can assume that no one would care about a door being kicked open. The ATM is pretty heavily armoured and locked up, so there is no physical access to the computer inside. Just to start hacking the computer you'd have to crack the shell open first. The risk-reward analysis still applies: can you crack and hack it before anybody notices? It would certainly take more than a couple of hours, that's why you don't see anyone doing it at 4:00am. However, there are many examples of robberies when thieves ripped the ATM from the wall and stole it in one piece. In this way the part when being exposed can be shortened enough to make the effort worthwhile and move the lengthy part to a safer place.
Please note there is one more variable coming into play: it can't be known for sure how much money is inside the ATM. One can only guess. ATMs are rarely "filled up", they are loaded with "just enough" to make it to the next scheduled loading. Sometimes the circumstances give away a hint: there was an incident in Poland when a brand new ATM was stolen the night before a grand opening of a new shopping mall. Predicting the huge crowds, the ATM company filled the machine with an amount of cash far larger than normal on the day before. Robbers anticipated and took advantage of that, but it still was a risky move.
To sum up:
- The Inside computer is not physically accessible from the outside.
- Just to start hacking you need lengthy and noisy cracking open parts.
- Once you're equipped to crack the outer shell (to get to the computer) you might just as well continue cutting the money cases, thus alleviating the need of any computer literacy.
- ATMs are likely to be equipped with content-destruction devices (paint sprayers).
- You can never know for sure if there's enough money inside just to pay the cost of cutting tools.