https://krebsonsecurity.com/2018/01/first-jackpotting-attacks-hit-u-s-atms/
Jackpotting- Installing malicious software and/or hardware in an untheorized manner at the ATM machines which target the control of the dispense in order to Cash-Out the ATM.
Ability to connect a chord of ATM to a laptop and the press of a button to install malware and start controlling the ATM using the keyboard or an SMS message. ATMs of a particular manufacturer using Windows XP as OS on ATMs are prone to this attack, the manufacturer was recommended to upgrade the OS of ATMs to Windows 7.
I think there should not be an option to connect external machines with the ATM machine on site, even for repair, one needs to bring in a new machine replace with a new machine and only repair the machine at a centralized location.
If the above option is not feasible there should be an alert mechanism which alerts the nearest bank or police station when someone tries to connect an external device to the ATM at the site.
I agree the best option would be to eliminate field servicing but I don’t think it is financially feasible. Around 95% of all ATMs are running WIN XP and support for it is over. Now they will have to pay a subscription for service updates or upgrade the OSs. A cost is coming… BUT it still wouldn’t be as high as changing all their hardware.
When Considering the total cost to have spare machines, enough for every market and their storage within a reasonable distance to that market, field servicing will be around for a while. An alert is a good idea. An alert might still be something that could be bypassed. Other then that I don’t have any better of a solution.