Bank of America Rogue Employee Problem Preventable, Says Leading ATM Security Authority

Share Article

It cost Bank of America close to $135,000 to clean up an employee-induced malware infection on their ATM network, in addition to the almost $300,000 stolen by the perpetrator. Michael Kalinichenko, CEO of ATM security specialist software developer SafenSoft, believes the issue could easily have been avoided if the bank had taken simple steps to secure the integrity of its ATM network.

“Banks need to understand that, in these difficult times, employees may be tempted to abuse their position of trust. We are working closely with the ATM Industry Association to upgrade their security best practices." - Michael Kalinichenko, SafenSoft CEO

SafenSoft’s TPSecure software was designed from the ground up to secure unattended devices such as ATMs, POS systems, and eVoting machines, both to prevent unauthorized transactions and to prevent insider tampering with the device. The system is focused on maintaining system integrity rather on the resource-intensive signature-based approach of many security solutions, and ensures that only authorized personnel using authorized devices can access authorized data and applications.

“Once an ATM or other unattended device has an established TPSecure profile, it is secure against both internal and external attacks, even if the perpetrator has local administrator rights,” points out Kalinichenko. “TPSecure is already in use at a number of banks in Russia, and we are looking forward to extending that protection to North American institutions.”

About TPSecure
TPSecure ensures neither logical (malware) nor physical (unauthorized access) methods can be used to access or tamper with the way ATMs function. It does this by building and maintaining a system profile for each ATM based on a number of different checkpoints designed to ensure the trustworthiness of the applications, drivers, and registry entries on that ATM.

TPSecure can be configured to prevent these and other attack methods from succeeding:

  •     Replacing ATM software with a new image or modifying current ATM processes.
  •     Unauthorized termination of the TPSecure process
  •     Unauthorized termination or launch of ATM processes

The software monitors every attempt to launch an application, blocking any launch activity if the trusted identifier for that application is not present in the system profile. TPSecure itself also includes multiple levels of self‐protection to prevent its own processes from being stopped.

About SafenSoft
SafenSoft was founded in 2006 in Moscow, Russia, and the company’s board of directors is led by Victor Kousnetsov, a former senior development executive with McAfee. SafenSoft solutions include TPSecure for ATMs and other unattended devices, SysWatch for enterprises, and SafenSec for home users. The company maintains development offices in Moscow, Russia, and business offices in Silicon Valley, California, and is funded by Troika Dialog. SafenSoft is a member of the PCI-DSS Security Council and CEO Michael Kalinichenko serves on the Security Best Practices committee of the ATMIA.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Pat Bitton
(707) 268-8968
Email >
Visit website