Is your ATM vulnerable to hackers? - WALB.com, Albany News, Weather, Sports

Is your ATM vulnerable to hackers?

Posted: Updated:
NEW YORK, NY (WALB) -

(CNNMoney)

Banks everywhere are in a race against time to upgrade their ATMs before they become hot targets for hackers. An estimated 95% of American bank ATMs run on Windows XP, and Microsoft is killing off tech support for that operating system on April 8.

That means Microsoft (MSFT, Fortune 500) will no longer issue security updates to patch holes in Windows XP, leaving those ATMs exposed to new kinds of cyber attacks. "This isn't a Y2K thing, where we're expecting the financial system to shut down. But it's fairly serious," said Kurtis Johnson, an ATM expert with U.S. manufacturer Triton.

If banks fail to upgrade their ATMs to a newer version of Windows by April, customers might be at risk. If hackers discover new flaws in Windows XP, those bugs will go unaddressed, leaving attackers free to exploit them. It can't yet be known what hackers could do with a Windows XP ATM after April 8.

But the prospect of providing a potentially compromised machine with your account and PIN information is unsettling. Related story: Apple ends security updates for Snow Leopard Major banks are now cutting special deals with Microsoft to extend life support for their Windows XP machines while they replace their fleet of ATMs.

JPMorgan (JPM, Fortune 500) bought a one-year extension of service and plans to start upgrading ATMs to Windows 7 at Chase banks in July. Citibank (C, Fortune 500) and Wells Fargo (WFC, Fortune 500) said they're also upgrading ATMs, but they wouldn't provide details about their plans.

Bank of America (BAC, Fortune 500) did not respond to requests for comment. Replacing the operating systems on ATMs is a major undertaking. In the United States, there are 210,500 bank ATMs, about 200,000 of which run on Windows XP, according to Retail Banking Research in London.

In most cases, banks must upgrade the software one ATM at a time, and some will need the entire computer inside replaced too. Labor included, it's a process that experts in the ATM industry say could cost anywhere between $1,000 and $3,500 apiece.

"Once they start using an operating system, they'll ride it as long and as hard as they can," said Wes Dunn, a sales executive at ATM manufacturer Genmega.

 

Copyright 2014 WALB.  All rights reserved.