Red Balloon Security, a leading embedded device security company, has partnered with Nautilus Hyosung America (“NHA”), a global leader in providing ATMs, to deliver enhanced security for its retail ATMs. Red Balloon Security identified two vulnerabilities related to retail ATMs and one related to NHA’s retail ATM support mobile application. Following this discovery, Red Balloon Security has been engaged by Nautilus Hyosung America on embedded defense mechanisms to strengthen the security of their ATMs in the retail marketplace.
Nautilus Hyosung is one of the world’s leading providers of ATM technology providing solutions to the financial and retail industry segments and is the largest provider of ATMs in the United States, with over 140,000 installations.
Nautilus Hyosung America has already issued firmware security updates to mitigate possible threats. Nautilus Hyosung America notified all of its commercial customers to immediately update their ATMs with these patches (first released on September 4, 2019). There have been no reported instances of exposure.
“We commend Nautilus Hyosung America for its fast and diligent response to these disclosures, and for taking the appropriate steps to fix these problems,” said Dr. Ang Cui, CEO of Red Balloon Security. “If left unaddressed, the vulnerabilities we discovered could have created a potential for exploitation. We look forward to a continuing relationship with Nautilus Hyosung of America to guard against any potential vulnerabilities of their products.”
Nautilus Hyosung America considers the security needs of its ATMs to be a critical priority and continues to promptly respond to any potential threats as they may arise. As part of its commitment to deliver the highest security for its ATMs and strategy to enhance its ATMs with multilayered security, Nautilus Hyosung America has engaged Red Balloon Security for its expertise in protecting embedded systems. The technical threat landscape is in a continual state of evolution and addressing these threats before they can be exploited is paramount. By engaging with Red Balloon Security, Nautilus Hyosung intends to evaluate additional defense mechanisms to incorporate into its products and offer its customers the most secure ATMs available in the retail marketplace.
About Red Balloon Security
Founded in 2011, Red Balloon Security is a leading cybersecurity provider and research firm that specializes in the protection of embedded devices across all industries. The company’s technology defends embedded systems with a suite of host-based firmware security solutions that provide continuous runtime protection of firmware and secure embedded systems against exploitation. (www.redballoonsecurity.com)
About Nautilus Hyosung America
Nautilus Hyosung America is the North American subsidiary of South Korea-based Hyosung, Inc., a global leader in providing technology advanced ATMs to the retail off-premises and financial institution markets. Since entering the North American market in 1998, Nautilus Hyosung America has become the largest provider of state of the art ATMs in the United States. Nautilus Hyosung America is headquartered in Irving, Texas, and provides research and development support at its Global Software Center in Dayton, Ohio. (www.hyosungamericas.com)