CONTINUE TO SITE »
or wait 15 seconds

News

Kaspersky ATM security solution promises big malware defense in a small package

July 8, 2016

Kaspersky Lab recently announced the availability of Kaspersky Embedded Systems Security, a targeted enterprise-grade solution designed to defend ATMs, point-of-sale systems and point-of-service machines against malware attacks.

The solution works to protect a variety of Windows-based platforms that handle sensitive financial operations, a press release said.

Kaspersky Lab said it has observed an increasing number of dedicated ATM malware threats dating back to 2009. The most recent example replaces hardware card skimmers with malware that forces the infected ATM to dispense cash. 

Carbanak, one of the most damaging cybercriminal campaigns of 2014–2015, included cash dispensing functionalities as well as other ATM-targeted malware. "This year we have observed the rapid development of these high-tech bank robberies," the Kaspersky release said. And, according to the security specialist, the threat continues to grow.

The release identified several issues that make ATMs a target for malware:

  • they typically carry a limited amount of software on limited-performance computers, often running outdated operating systems such as Windows XP;
  • they often connect to a network via 3G and wireless channels and are geographically scattered, presenting additional security and management challenges; and
  • compliance requirements such as PCI DSS are very broad, and do not necessarily bring about the required level of protection.

According business lead Dmitry Zveginets, Kaspersky Embedded Systems Security addresses these vulnerabilities:

The first challenge we had to solve was to squeeze in the most up-to-date security technologies in a product designed to run on machines with very limited capacity. Upgrade cycles for ATM and POS fleets are slow, and it is not uncommon to find a perfectly working machine that was built more than 10 years ago running similarly outdated software.

We've created a new product compatible with seven generations of computer hardware, which protects the system, even without an internet connection, and is highly flexible, in order to meet the unique demands of financial organizations as well as regulations such as PCI DSS. On top of this we have included advanced protection technologies like the Default Deny mode that bring financial security to a higher level.

The solution supports Windows versions from XP up to and including Windows XP Embedded, Windows Embedded 8.0 Standard and Windows 10 IoT. Additionally, it can run on systems with as little as 256 megabytes of memory and just 50 megabytes of available disk space, Kaspersky said.

The product provides centralized reporting and management as well as a special default deny mode that blocks attempts to run any unauthorized executable code or drivers on ATMs and POS terminals. It is integrated with the cloud-based Kaspersky Security Network to provide up-to-date threat intelligence and quick response to attacks, the release said.

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf

Software
Top 10 ATM software solutions
Software
Examining the past, present and future of XFS
Commentary
ATM features: 5 to include
Special Report
2024/25 ATM & Self-Service Software Trends
Presented by KAL ATM Software GmbH
Recent Posts
Forsyth County, Georgia aims to regulate bitcoin ATMs
Tri Counties Bank opens San Francisco branch
UC Berkeley selects BMO as official bank
Chime intros card with 1.5% cashback
TD Bank bringing dog treat ATMs to 14 locations


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'