ATM operators with Windows XP could face hacking risks, PCI Council warns

Up to 95% of the world's ATMs will be at high risk of getting hacked next month as Microsoft ends tech support for the Windows XP operating system, the PCI Security Standards Council is warning.

Up to 95% of the world’s ATMs will be at high risk of getting hacked next month as Microsoft ends tech support for the Windows XP operating system, the PCI Security Standards Council is warning.

As Microsoft recently announced, on the 8 April the software company will stop rolling out security updates and patches for XP, leaving machines running the 12-year-old operating system more vulnerable to attack.

ATMs running XP Embedded are not affected because Microsoft is not cutting off its support until 2016.

Apparently, the process of upgrading Windows XP to an alternative such as Windows 7 is both complicated and expensive for ATM operators, with many older machines needing to be altered one by one. Indeed, most are not expected to have made the switch within the next month.

JPMorgan has bought a custom one-year tech support agreement from Microsoft and will not begin migrating its 19,000 machines to Windows 7 until July, media reports said. Moreover, Wells Fargo and Citi say that they are working on upgrading their networks.

In addition, Microsoft recently warned that the Indian banking industry’s reliance on XP could put more than 34,000 branches at risk.
On its site, PCI SSC is urging firms to take the plunge: "Don’t make yourself an easy target, talk to your technology provider today and make sure your PC and systems are not putting your customers’ confidential payment card data and your business at risk."