Many of the 65,000 ATMs in the UK could be at risk from cyber attack in the New Year when Microsoft ends extended support for the embedded version of its Windows XP operating system, warn researchers at UK IT security firm Abatis.
From January 2016, Microsoft will be issuing no further security patches or updates for the OS still used in the majority of ATMs to deliver cash to customers in the UK and in many other counties around the world.
“The desktop version of Windows XP ceased to be supported by Microsoft in July 2014 and while the embedded version was given extended support until January 2016, most ATMs still rely on the old operating system,” said Kerry Davies, CEO at Abatis. “This presents major problems for the banks and puts their customers’ cash at risk, which is the last thing anyone wants as they check their accounts after a costly Christmas and early sales.
Abatis warns that the lack of security updates makes the ATM network far more at risk from sustained hacker attacks and malware infection and more vulnerable to theft and Denial of Service (DoS) attacks. “The problem is made worse by the fact that traditional defences have been shown to be increasingly inadequate at stopping the latest malware attacks,” says Davies.
While customers can pay for extended support from Microsoft it is very expensive. As a result certain major banks are already planning to roll out new patented Host Integrity Technology from Abatis with its unique zero-day approach to stopping known and unknown malware, from viruses and worms to key-loggers, root-kits, and Trojan-horses. The Abatis solution does not rely on signature file updates, white-listing, heuristic analysis or sandboxing, but instead denies any unauthorised modifications and blocks unwanted write operations or executables in real time to prevent hacking activity and malware infection.
“As well as excellent zero-day defence, the Abatis software also offers a very low maintenance overhead and with a very small footprint of just 100KB, which makes it ideal for use in ATMs along with retail Point of Sale (POS) terminals to secure old legacy operating systems with minimal cost and disruption,” says Davies.
The post New Year threat to ATMs – End of support for Windows XP puts national cash network at risk (opens in new tab) appeared first on IT SECURITY GURU (opens in new tab).