95% of bank ATMs face end of security support
By Jose Pagliery
@Jose_Pagliery March 4, 2014: 6:59 AM ET
Nearly all ATMs run on Windows XP, and that'll soon be a
problem.
NEW YORK (CNNMoney) -- Banks everywhere are in a race against time to upgrade
their ATMs before they become hot targets for hackers.
An estimated 95% of American bank ATMs run on Windows XP,
and Microsoft is killing off tech support for that operating system on April 8.
That means Microsoft (MSFT, Fortune 500) will no longer issue security updates
to patch holes in Windows XP, leaving those ATMs exposed to new kinds of
cyberattacks.
"This isn't a Y2K thing, where we're expecting the
financial system to shut down. But it's fairly serious," said Kurtis
Johnson, an ATM expert with U.S. manufacturer Triton.
If banks fail to upgrade their ATMs to a newer version of
Windows by April, customers might be at risk. If hackers discover new flaws in
Windows XP, those bugs will go unaddressed, leaving attackers free to exploit
them.
It can't yet be known what hackers could do with a
Windows XP ATM after April 8. But the prospect of providing a potentially
compromised machine with your account and PIN information is unsettling.
Major banks are now cutting special deals with Microsoft
to extend life support for their Windows XP machines while they replace their
fleet of ATMs. JPMorgan bought a one-year extension of service and plans to
start upgrading ATMs to Windows 7 at Chase banks in July. Citibank and Wells
Fargo said they're also upgrading ATMs, but they wouldn't provide details about
their plans. Bank of America did not respond to requests for comment.
Replacing the operating systems on ATMs is a major
undertaking. In the United States, there are 210,500 bank ATMs, about 200,000
of which run on Windows XP, according to Retail Banking Research in London. In
most cases, banks must upgrade the software one ATM at a time, and some will
need the entire computer inside replaced too. Labor included, it's a process
that experts in the ATM industry say could cost anywhere between $1,000 and
$3,500 apiece.
"Once they start using an operating system, they'll
ride it as long and as hard as they can," said Wes Dunn, a sales executive
at ATM manufacturer Genmega.
It might sound odd that ATMs are running on aging software
better suited to a home PC. In fact, security experts have chastised the
financial industry for putting ATMs on a PC operating system in the first
place. They argue ATMs should be using software that is scaled down and less
buggy, such as Linux.
But banks long ago decided that Microsoft's familiar way
of displaying windows and text would sit well with customers.
Upgrading to Windows 7 or 8 will give ATMs more of a
sleek feel that resembles the latest apps on tablets and smartphones, said Jeff
Dudash, a spokesman for ATM manufacturer NCR.
One ATM manufacturer, Diebold (DBD), says banks are using
this opportunity to add newer card readers to their ATMs that accept more
secure chip-and-PIN cards. Those cards have already been adopted worldwide but
have yet to grow popular in the United States.
Banks that retrofit their ATMs with new hardware will, in
the future, be able to upgrade their entire fleets of ATMs with a click of a
button. Modern technology allows companies to push software updates via their
networks instead of paying each ATM a physical visit.
Ironically, bank customers have less to worry about from
those nondescript ATMs found in malls, bars and tiny convenience stores. Those
208,000 independently run kiosks, built by Triton, Genmega and Nautilus
Hyosung, make up the other half of the nation's ATMs. And nearly all of them
run on an even older, simpler operating system called Windows CE -- which
Microsoft still supports.
First Published: March 4, 2014: 6:59 AM ET