By Express News Service

BHUBANESWAR: The practice of ATM breaking is passe. Hackers have created havoc among banks in at least four districts of the State by breaking into the off site machines and withdrawing cash over Rs 40 lakh in the last six weeks.



What started in Balasore on February 18 has now been reported in Cuttack, Khurda and Puri. On Saturday, the hackers attempted the cyber theft at Corporation Bank’s ATM on Vivekananda Marg in the Capital, unsuccessfully though.

However, investigation by Commissionerate Police has revealed that on February 24, a similar theft was reported in the City. The amount was to the tune of Rs 7 lakh. The matter received attention after another such incident was reported at Corporation Bank ATM in Cuttack on Saturday where over Rs 17 lakh was burgled.



A day earlier at Puri, three such cyber thefts were reported and the cash damage was to the tune of Rs 5 lakh. The Commissionerate Police strongly suspect that there is one outfit behind the entire series of thefts and its members are believed to be extremely cyber-savvy.

On Sunday, Police Commissioner YB Khurania convened an urgent meeting of all the banks, ATM service providers as well as senior officers of Reserve Bank of India (RBI) to find out why the banks have been unable to detect such thefts which are primarily carried out by hacking into the computer system of the ATMs.



Sources said, all the ATMs involved in the series of thefts were manufactured by a company called NCR while the service provider for the off-site machines is Mphasis. In all the computers, the operating system was found to be Windows XP, although there was an advisory issued in 2016 to upgrade to Windows 7 and above versions since the former is prone to hacking given its low security.

Investigation revealed that the hackers went to the ATMs during nights, used a key to open the upper compartment of the ATMs where the computers were located. Using a USB drive, the systems were apparently rebooted. Once restarted, the systems were de-linked from the main servers of the service provider and responded to the hackers’ commands who operated from the ATM. By-passing the server, the hackers swiftly dispensed the cash and walked away, without even raising an alarm.

The entire operation takes several minutes.

Although an online monitoring of the ATMs is in place, the service providers failed to come up with satisfactory explanations to Twin City police why the thefts were not detected immediately.



Contacted, Police Commissioner Khurania said, police have found strong clues about those behind such cyber thefts and are working on the leads. “We have also instructed the banks and service providers to report such huge cash thefts on real-time basis to police. Besides, they have been asked to upgrade all the operating systems to Windows 7 and above apart from strengthening the security firewalls,” he added.