Cash crash ahead? ‘Death’ of Windows XP could leave 95% of world’s ATMs vulnerable

Discussion in 'other security issues & news' started by SweX, Jan 22, 2014.

Thread Status:
Not open for further replies.
  1. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    http://www.welivesecurity.com/2014/...-xp-could-leave-95-of-worlds-atms-vulnerable/
     
  2. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    I found it interesting that according to the article, most ATMs run the full version of XP instead of XP Embedded. Where does the data come from?
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Don't know where the data comes from sorry, I can't help but wonder what's included in the "custom support contract" that is supposed to extend the life of an ATM running XP. :)
     
  4. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    You would think that something like an ATM would be a perfect candidate for HIPS so that nothing off the white list could run.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    The same thing like the Y2K scare - boring.
    Mrk
     
  6. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,273
    Susan Bradley described what sort of XP is used, see the first story
    http://windowssecrets.com/newsletter/a-few-security-lessons-from-the-target-breach/

     
  7. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    That is exactly why I asked where does the data come from in my above post. It's an open question to anyone who might know (not just Swex)

    XPe (supported till 2016) was targeted for POS devices like ATMs so I'm inclined to believe that the admins in charge should know about it and use it. It caught my attention when the article states that "most ATMs" are running WinXP. I'm having doubts on that particular statement. If it's true, why would that be the case? Not accusing but would like to see reference to backup that info.
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I have worked with XP ATMs. I assure you they are easily defeated, whether embedded or not.

    Without naming names, I know more than one major branch that uses XP. Easily the majority in the US.
     
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I am sure that when I walk up to that hole in the wall, I will still be able to withdraw cash. ;)
     
Loading...
Thread Status:
Not open for further replies.