Advertisment

Cybercriminals finding new methods to target ATM machines

author-image
Sharath Kumar
New Update

BANGALORE, INDIA: Banking operations, including Any Time Money (ATM) services, may be hit as support from Microsoft for Windows XP operating system will end from April 8, the RBI said, asking banks to take immediate steps to control this.

Advertisment

In India, the Reserve Bank Of India (RBI) has already cautioned banks that the end of support for Windows XP is likely to increase the probability of attacks on such a system and may affect ATM operations.

In an interview with CIOL's Sharath Kumar, Tarun Kaura, director, Technology Sales, India, Symantec shares his thoughts on the probable attack vectors and possible solutions for banks to prevent cyber attacks.

Excerpts:

Advertisment

CIOL: Do you have any estimate on number of ATMs that run on WS XP?

Tarun Kaura: An estimated 95 percent of the world's ATMs are today powered by Windows XP.

CIOL: Once MS stops support to, what are the different possibilities of attacks on finacial institutions or cash vending machines?

Advertisment

TK: More than 30 percent of desktop operating systems today run on Windows XP. While it is difficult to gauge the possible attacks, it is important to understand that as Microsoft ends the support for Windows XP operating system on April 8th 2014 - the weaknesses discovered in Windows XP after this deadline will go unpatched, leaving users/devices vulnerable to security risks. All the devices running on this OS in various sectors/industries including the banking sector will become more vulnerable.

So, if there is a vulnerability that has not been documented and if some hacker exploits the same, then identifying it & protecting it becomes questionable. Even the most current and comprehensive security products, as well as Microsoft's own Malicious Software Removal tool, cannot fully protect an OS that does not receive vulnerability updates, which increases risk for the user.

CIOL: How vulnerable are ATMs to increasingly sophisticated cyber-attacks (whether they are running on MS XP or other OSs)?

Advertisment

TK: About 95 percent of the world's ATMs powered by Windows XP also represents that a significant number of enterprises, small businesses and consumers that could be left unprotected and vulnerable as there might arise a lot of unknown areas/aspects on the OS that we might not know, on real time basis.

As Windows XP moves closer to its expiry date cybercriminals are finding newer and more sophisticated methods to target enterprises especially ATM machines as it is one of the easiest ways to make a quick buck. Symantec has recently identified a malware called Backdoor.Ploutus.B that is specifically created to target ATMs. Generally referred to as Ploutus, it allows cybercriminals to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible but this technique is being used in a number of places across the world at this time.

CIOL: Are there any possible solutions to stop such attacks other than upgrading OS? And how can anti-virus providers help in this regard?

Advertisment

TK: A number of measures could be taken to make things more difficult for the criminals. These include:

* Upgrading to a supported operating system such as Windows 7 or 8.

* Providing adequate physical protection and considering CCTV monitoring for the ATM.

* Locking down the BIOS to prevent booting from unauthorized media, such as CD ROMs or USB sticks.

* Using full disk encryption to help prevent disk tampering.

* Using a system lock down solution such as Symantec Data Center Security: Server Advanced (previously known as Critical System Protection).

CIOL: How can a security company like Symantec help banks in the present scenario?

Advertisment

TK: At Symantec, we firmly believe that running up-to-date security products is a critical step in protecting an enterprise's information, systems and devices. Symantec's security solutions will continue to support Windows XP systems for the foreseeable future, but we strongly recommend users and enterprises still using Windows XP upgrade to a more current operating system as soon as possible and protect it with a robust security solution.

For users, Norton 360 Multi-Device is a good option because it can protect multiple devices, including PCs, Macs and mobile devices, with one single solution. The latest versions of Norton's security products feature five patented layers of industry-leading protection - file, network, behavior, reputation and remediation - as well as support for the latest versions of Windows, Mac, iOS and Android.

For enterprises, Symantec Endpoint Protection 12.1.4 is a good option that's built on multiple layers of protection, including Symantec Insight and SONAR, and designed to protect against new and unknown threats. Symantec Critical System Protection also offers important server protections for physical and virtual data centers that allow enterprises to lock down applications, configuration settings and resources so that malicious code and vulnerabilities cannot be exploited.

tech-news