Feeds

ATMs in peril from computer worms?

AV vendors plan sales push

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Some anti-virus firms are trying to carve out a new market for their technology by trying to persuade banks that Automatic Teller Machines (ATMs) running Windows need protecting from computer worms. Trend Micro and Computer Associates have both identified this niche, but some rivals question the immediate need for content filtering on cash points.

The new generation of Automatic Teller Machines (ATMs) are migrating from the IBM OS/2 operating system to Microsoft Windows and IP networks. This saves costs and enhances customer services. But it also means that ATMs are now at risk from computer worms, according to Trend Micro.

"Previously isolated cash machines can now be infected by self-launching network viruses via the banks' IP networks. Infections have the potential to bring down ATM machines, incurring downtime, customer dissatisfaction and increased costs fixing infected machines," it warns. Last August, the Nachi (Welchia) worm contaminated the cash machines at two financial institutions. When the Slammer virus hit the back end systems of the Bank of America in January 2003, 13,000 US ATMs became unavailable.

Scary stuff. But never fear, Trend Micro is on hand to offer assistance. The Japanese-based firm is launching hardware-based network worm filtering technology specially designed for ATMs at a conference later this month. As well as launching its Network VirusWall 300 hardware, Trend will also be exhibiting at the annual ATM security conference (ATM Sec 4) in London on 25 and 26 October.

Raimund Genes, European president of Trend Micro, said that 70 per cent of ATMs are based on either XP or embedded XP. "That's the way manufacturers are taking the ATM and ticketing machine market," he said. "There really isn't much choice."

Computer Associates offers a software development kit that can be applied to systems based on embedded XP. Genes argued that producing AV systems for embedded XP terminals is far from straightforward: using existing enterprise content filtering gateways to protect ATMs would be "overkill". Hardware-based network worm filtering, such as Trend intends to launch offers a better approach, he argued.

But other security vendors question the need for the technology. Nigel Hawthorn, of security appliance firm Blue Coat Systems, said that ATMs commonly operate on a separate physical network, which is closed. "Sasser hit the back-end systems of banks, not ATM machines," he said.

David Emm, senior technology consultant at anti-virus supplier Kaspersky, agrees. "The threat to ATMs is related to how closely they are integrated with the outside world. Normally ATMS are kept on separate systems. Online financial (ebanking) systems are far more at risk," he said.

Trend's Genes said the barriers between the network used by ATMs and the wider Internet are been lowered as banks switch from older telecoms technologies to IP-based networks. He acknowledged that widely deployed AV technology alone is failing to protect enterprises from fast-spreading worms. But Trend's worm filtering tech would prove far more successful in keeping cashpoints up and running in the face of viral onslaught, he says. ®

Related stories

Nachi worm infected Diebold ATMs
ATMs, ISPs hit by Slammer worm spread
Virus writers seek cash from chaos

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.