Will ATMs really be easy money for hackers after XP support ends?

Only admnistrator owned posts can execute the include me shortcode

Windows XP will reach the end of life on April 8, 2014, and there is already much fear on the Internet that ATMs are not ready for XP Armageddon. But when I read about Windows XP-based ATMs on a few reputable websites, I learned that these ATMs are not as vulnerable as recently projected.

An ATM has much more to offer than just XP. About 80 percent of ATMs worldwide still use Windows XP Embedded POS-Ready versions with many limitations that would make hacking really difficult. In addition, ATMs also use various security measures on the hardware side. And I don’t forget to mention that ATMs communicate with encrypted data – which further reduces hacking.

Will ATMs really be vulnerable, especially after Windows XP support ends on April 8? Maybe a little because of external tactics like skimming, but when coming to the software, Windows XP Embedded, it’s not easy to pass your data to hackers.

End of support hours for Windows XP embedded systems

Only admnistrator owned posts can execute the include me shortcode

I took this part of the windowsbulletin.com Forum. Below are the extended support dates for embedded systems:

  • Windows XP Professional for Embedded Systems – Expanded Support ends April 8, 2014
  • Windows XP Embedded Service Pack 3 (SP3) – Expanded Support ends January 12, 2016
  • Windows Embedded for Point of Service SP3 – Expanded Support ends January 12, 2014
  • Windows XP Professional for Embed Service SP3. April 2016
  • Windows Embedded Standard 2009 – Extended Support ends January 8, 2019
  • Windows Embedded POS-Ready 2009 – Extended Support ends April 9, 2019

Note that Windows XP Embedded POS-Ready systems are supported until 2019.

Reason why ATMs have not been updated

If we are to believe ZDnet, there will soon be a major update. There is a kind of new mechanism that must be integrated into the machines according to the new MasterCard and VISA rules. Together with EuroPay, the two companies have developed a new technology to secure payments at ATMs. As usual, users should use their cards and PINs, but the central bank system should be able to process these transactions without error. There is also a deadline – April 2015

By combining the two upgrades, ABMs will want to move to the new operating system while adopting this new technology for POS.

Do you have to worry about ATMs?

Not really! This does not mean that you stop following normal procedures, such as not giving your PIN to strangers or using the machine while others are still there. The banks are trying to counter external attacks, and I think something will come out soon, if it’s not already done.

Our TWC Forum moderator and Microsoft MVP, Bill aka Digerati made an interesting comment:

I note that the vast majority of the millions of ATMs in the world use XP Embedded. Since ATMs connect via VPNs and have no open access to the Internet (or from the Internet), recent horror stories of people trying to sensationalize the daily to increase the number of viewers are just another example of irresponsible, unprofessional and untruthful media coverage and attention-seeking, expert bloggers. Of course, ATM systems can be hacked, but this is extremely difficult and rare. Most hacking is done using skimming devices (hidden card readers).

In short, you don’t have to worry about ATM vulnerabilities caused by using Windows XP, because XP is just one of many components used by ATMs. With physical security and encrypted transactions, the chances of hackers trying to access ATMs are low.

Only admnistrator owned posts can execute the include me shortcode