ATMs could be compromised when Windows XP support ends

The vast majority of bank ATMs today run Windows XP. This could become a problem come April.

If you think getting your father or elder family member to upgrade their old XP PC is tough (“Why?” they ask. “It works just fine,” they say.), imagine what the banks face. They will be hit hard by the end of support for Windows XP because almost all of the automatic teller machines (ATMs) in the country use XP.

Bloomberg reports that the majority of the 420,000 ATMs in the U.S. run XP, although there are some using Windows XP Embedded, a basic version of the OS that is less susceptible to viruses. Microsoft will support that until early 2016.

And the rest? Well, hopefully most of them can be upgraded to Windows 7, because like the XP on your grandfather’s eight-year-old Dell PC, these ATMs will no longer receive upgrades and patches. Either that or they will be junked, and chances are good for the latter. There are independent ATMs out there, the kind you find in gas stations and convenience stores, not allied with any one bank, that look like they are 30 years old.

And unlike the old Windows PCs sitting in doctor offices that likely don’t have an Internet connection, ATM machines have to be wired 24/7 for transactions.

An executive with an ATM software provider says he expects only 15% of bank ATMs in the U.S. to be on Windows 7 by the April deadline, but that it’s not unusual for the ATM industry to move slowly. “As a rule, security patches that directly affect the machines might be issued only once a quarter,” he said.

Coming on the heels of the Target breach, that does not inspire confidence.

How quickly the banks respond remains to be seen. Maybe the Target incident will motivate them. No one wants to end up on the news like Target has. Microsoft is selling custom extensions to the banks, but the costs can be considerable when multiplied over the number of ATMs. No one would discuss the price, but I hope it’s cheap, because this is no time to get greedy.

The cost of upgrading an ATM ranges from a few hundred dollars if it’s just software to a few thousand if new hardware is needed and the ATM is upgradable. The good news is that Windows 7 will enable advanced touch features, like swipe and pinch, something we’re all used to on our smartphones.

But something tells me come April, we’ll be better off staying away from non-bank ATMs.


Via: networkworld

Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *