End of support for Windows XP puts national cash network at risk
Many of the 65,000 ATMs in the UK could be at risk from cyber attack in the New Year when Microsoft ends extended support for the embedded version of its Windows XP operating system, warn researchers at UK IT security firm Abatis. From January 2016, Microsoft will be issuing no further security patches or updates for the OS still used in the majority of ATMs to deliver cash to customers in the UK and in many other counties around the world.
“The desktop version of Windows XP ceased to be supported by Microsoft in July 2014 and while the embedded version was given extended support until January 2016, most ATMs still rely on the old operating system,” said Kerry Davies, CEO at Abatis. “This presents major problems for the banks and puts their customers’ cash at risk, which is the last thing anyone wants as they check their accounts after a costly Christmas and early sales.
Abatis warns that the lack of security updates makes the ATM network far more at risk from sustained hacker attacks and malware infection and more vulnerable to theft and Denial of Service (DoS) attacks. “The problem is made worse by the fact that traditional defences have been shown to be increasingly inadequate at stopping the latest malware attacks,” says Davies.
While customers can pay for extended support from Microsoft it is very expensive. As a result certain major banks are already planning to roll out new patented Host Integrity Technology from Abatis with its unique zero-day approach to stopping known and unknown malware, from viruses and worms to key-loggers, root-kits, and Trojan-horses. The Abatis solution does not rely on signature file updates, white-listing, heuristic analysis or sandboxing, but instead denies any unauthorised modifications and blocks unwanted write operations or executables in real time to prevent hacking activity and malware infection.
“As well as excellent zero-day defence, the Abatis software also offers a very low maintenance overhead and with a very small footprint of just 100KB, which makes it ideal for use in ATMs along with retail Point of Sale (POS) terminals to secure old legacy operating systems with minimal cost and disruption,” says Davies.
Abatis won ‘Most Innovative Product’ at the Cyber Security Awards in July 2015 and was also a finalist in the TechUK Innovative Cyber Company 2015 Awards and identified in a 2014 Forrester Research Report as one of the few technologies that could replace AV in the future and highlighted Abatis as a ‘Company to Watch’. Abatis is a start-up British company spun out of the Enterprise Centre at Royal Holloway University of London focused on the research, design and development of non-signature based Host Integrity Technology. Professor Fred Piper of Royal Holloway heads the Abatis advisory board. Abatis was granted a US Patent for its technology in May 2015 and the European Patent is pending.
[su_box title=”About Abatis HDF” style=”noise” box_color=”#336588″]
Abatis HDF is a host based software only solution that is implemented as a kernel driver on Windows platforms. It intercepts and mediates file write access to the computer’s permanent storage e.g. local hard disk, network shares and removable storage devices such as USB stick and external disk. It is designed to help enforce system and file integrity without complex management overheads. It achieves this security objective by exercising robust access control over the writing of executable files and user-defined files (protected files) to a computer. It protects against unauthorised modification and denies unauthorised write operations. While HDF blocks unwanted executables by default, the HDF system administration can define files for integrity protection according to the computer’s roles.
Ideally, Abatis HDF should be deployed on a newly installed ‘clean’ operating system. From this secure initial state (baseline), Abatis HDF will prevent malware infection then on. For most corporate environments, Abatis HDF is rolled out at stages and there may be extant undetected infections on systems – often referred to as Advanced Persistent Threats (APTs). Abatis HDF’s unique operation and extensive audit log allows the malware to be identified. Abatis HDF can also reveal rootkit infections and facilitates the subsequent removal of such programs.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.