Many Bank ATMs Still Using Windows XP After Microsoft Has Ended Support for It
Despite the fact that Microsoft has ended the extended support phase for the Windows XP (as of April 8th, 2014), a significant number of bank ATMs are still running the relatively outdated operating system. Unfortunately, this means that some ATMs could be at risk of being hacked and exploited by cyber criminals.
Luckily for the average consumer, most major banks and organizations have arranged an extended service deal with Microsoft to ensure ongoing support during a transition to a newer, safer operating system. Still, there are some standalone ATMs that have already been attacked by malicious software. Hackers have begun creating automated programs that force ATMs to spew cash after inserting preprogrammed USB sticks equipped with specially designed malware.
Although ATMs have had USB ports for more than a decade, and this method of entry has always presented an exploitation opportunity to adept hackers, now that standalone ATMs running XP are no longer receiving security patches the risk level is higher than ever.
A hacking group in Europe has already begun taking advantage of the new security flaws, stealthily emptying out ATMs in multiple regions without being caught. Apparently the crooks have extensive knowledge of ATM technology, as they would need to know important details about both the hardware and software of the device in order to remove the casing and find the hidden USB port without being noticed.
Fortunately, the malicious software used to rob ATMs doesn't seem to be concerned with tracking the personal information or PIN numbers of ATM users. Still, it is possible that such data could be getting extracted without a trace, because once the malware-infected USB stick is removed there could be no evidence that data has been extracted as long as no cash was taken.
While extracting all of a machine's cash is certainly a quicker payoff, authorities are concerned that hackers could use the stealthier data extraction approach to obtain user credentials and then extract money directly from the accounts of businesses and individuals even after the ATMs have been upgraded.
Right now about 95% of the world's ATMs run on Windows XP, and only about one third of the more than two million ATMs have received security updates. That means that two thirds of the world's ATMs could be at risk for being exploited due to unpatched holes.
Most ATMs that operate within the networks of major banks are considered safe at the moment, as the majority of these banks have arranged a deal with Microsoft, including but not limited to Bank of America, J.P. Morgan, and Wells Fargo.
In addition to paying for an expensive support extension with Microsoft, banks also have the option of using proprietary application control utilities to keep hackers out. These anti-malware tools work by scanning any applications that are run on the ATM and only approving authorized programs.
Many people are curious as to why so many financial institutions and government agencies are still using Windows XP in 2014, especially considering that Microsoft has been issuing warnings about the expiration of support since 2009. Obviously, there is no definitive answer to this question, but the reasoning seems to be a combination of budgeting restrictions, poor administrative prioritizing, and maybe a bit of the "if it isn't broke don't fix it" mentality.