If the attacker is an employee of the bank or its Internet provider, they are able to obtain this access remotely, the security firm said.
Attackers can also conduct these attacks by having physical access to the ATM, unplugging the Ethernet cable, and connecting a malicious device to the modem.
Sometimes this modem is placed outside of the ATM cabinet, meaning hackers would not even need to open up the ATM to conduct this attack.
Once an attacker has compromised the ATM, they can either directly target the ATM's software or intercept data passing through the device using man-in-the-middle attacks.
Positive Technologies also noted that 27% of ATMs were vulnerable to spoofing processing centre requests, 58% were vulnerable to attacks which leveraged weak network security, and 69% were vulnerable to Black Box attacks which require physical access to the cabinet.
The company found that most of the ATMs it tested had insufficient data protection and poorly-configured firewalls, making them vulnerable to a variety of attacks.