I’ve been saying for a while now that if you run Windows XP, you should make the switch to a newer Windows OS. That’s because the OS is due to be retired in April of this year. As a result people and companies are rushing to make the switch. However, what may shock you is that 95% of ATMs out there run some flavor of Windows XP and many of them are caught in this situation:
When ATMs were introduced more than 40 years ago, they were considered advanced technology. Today, not so much. There are 420,000 ATMs in the U.S., and on April 8, a deadline looms for nearly all of them that underscores how sluggishly the nation’s cash delivery system moves forward. That’s the dayMicrosoft (MSFT) cuts off tech support for Windows XP, meaning that ATMs running the software will no longer receive regular security patches and won’t be in compliance with industry standards. Most machines that get upgraded will shift to Windows 7, an operating system that became available in October 2009. (Some companies get a bit of a reprieve: For ATMs using a stripped-down version of XP known as Windows XP Embedded, which is less susceptible to viruses, Microsoft support lasts until early 2016.)
And, they may not be able to shift over to a newer Windows OS fast enough:
Aravinda Korala, chief executive officer of ATM software provider KAL, says he expects only 15 percent of bank ATMs in the U.S. to be on Windows 7 by the April deadline. “The ATM world is not really ready, and that’s not unusual,” he says. “ATMs move more slowly than PCs.” While ATMs seem to be everywhere, their total number—an estimated 3 million worldwide, according to consulting firm Retail Banking Research—isn’t very many compared with the global base of Windows users. As a rule, security patches that directly affect the machines might be issued only once a quarter, Korala says.
Net result. They could be subject to being targets of hacking and malware:
ATMs whose operators ignore the deadline will continue to function, says Dean Stewart, an executive at Diebold (DBD), which makes ATMs. They’ll just become more vulnerable to malware and other attacks against weaknesses discovered over time in Windows XP. (Customer balances are safe under the standard protections banks offer to ATM users against fraud.) “It’s a very real risk,” Stewart says. “No ATM operator wants to get his name in the paper.”
Now I should point out that if you get victimized by something related to this, your bank will likely have your back and your funds will be safe. But from personal experience, the hoops that you have to hop through to deal with a situation like this can be time consuming, frustrating and painful. Thus I hope that banks upgrade their ATMs as quickly as possible. That way consumers and banks are protected.
Oh, before anyone thinks this is just theory and speculation. It isn’t. I will cite two examples of successful hacks of Windows XP based ATMs. This will only increase in April and beyond one suspects.
Related
This entry was posted on January 17, 2014 at 9:39 am and is filed under Commentary with tags Banking, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Your ATM Uses Windows XP And Why You Should Be Afraid
I’ve been saying for a while now that if you run Windows XP, you should make the switch to a newer Windows OS. That’s because the OS is due to be retired in April of this year. As a result people and companies are rushing to make the switch. However, what may shock you is that 95% of ATMs out there run some flavor of Windows XP and many of them are caught in this situation:
When ATMs were introduced more than 40 years ago, they were considered advanced technology. Today, not so much. There are 420,000 ATMs in the U.S., and on April 8, a deadline looms for nearly all of them that underscores how sluggishly the nation’s cash delivery system moves forward. That’s the dayMicrosoft (MSFT) cuts off tech support for Windows XP, meaning that ATMs running the software will no longer receive regular security patches and won’t be in compliance with industry standards. Most machines that get upgraded will shift to Windows 7, an operating system that became available in October 2009. (Some companies get a bit of a reprieve: For ATMs using a stripped-down version of XP known as Windows XP Embedded, which is less susceptible to viruses, Microsoft support lasts until early 2016.)
And, they may not be able to shift over to a newer Windows OS fast enough:
Aravinda Korala, chief executive officer of ATM software provider KAL, says he expects only 15 percent of bank ATMs in the U.S. to be on Windows 7 by the April deadline. “The ATM world is not really ready, and that’s not unusual,” he says. “ATMs move more slowly than PCs.” While ATMs seem to be everywhere, their total number—an estimated 3 million worldwide, according to consulting firm Retail Banking Research—isn’t very many compared with the global base of Windows users. As a rule, security patches that directly affect the machines might be issued only once a quarter, Korala says.
Net result. They could be subject to being targets of hacking and malware:
ATMs whose operators ignore the deadline will continue to function, says Dean Stewart, an executive at Diebold (DBD), which makes ATMs. They’ll just become more vulnerable to malware and other attacks against weaknesses discovered over time in Windows XP. (Customer balances are safe under the standard protections banks offer to ATM users against fraud.) “It’s a very real risk,” Stewart says. “No ATM operator wants to get his name in the paper.”
Now I should point out that if you get victimized by something related to this, your bank will likely have your back and your funds will be safe. But from personal experience, the hoops that you have to hop through to deal with a situation like this can be time consuming, frustrating and painful. Thus I hope that banks upgrade their ATMs as quickly as possible. That way consumers and banks are protected.
Oh, before anyone thinks this is just theory and speculation. It isn’t. I will cite two examples of successful hacks of Windows XP based ATMs. This will only increase in April and beyond one suspects.
Share this:
Like this:
Related
This entry was posted on January 17, 2014 at 9:39 am and is filed under Commentary with tags Banking, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.