NCR recommends using whitelisting information security on ATMs
NCR, one of the world's biggest ATM producers, now recommends to use advanced information protection systems on the ATMs via NCR Security Update and to lower the reliance on traditional antivirus approach. Advanced protection software is necessary to prevent physical infection of the ATM by malicious software, according to latest issues of NCR Security Update. Malware infections of the ATMs became especially prevalent after Trojans capable of replacing traditional skimmers appeared on the international black market and started being even more dangerous after remote cash dispensing Trojans like Ploutus started to appear.
Traditional antivirus protection inability to protect valuable and critically important IT infrastructure objects from targeted attacks was obvious for many years but in the past such attacks were relatively rare and happened mostly in context of cyberwars with Stuxnet worm disrupting Iran nuclear program being notable example. Situation started to change recently when targeted attacks found their use among usual cybercriminals aimed at stealing money and wide distribution of advanced cybercrime tools made proactive protection more profitable than planning to lose some money to security incidents.
Other NCR recommendations include device control for anything connectable to ATMs, using firewalls and providing the possibility to update software securely and without risks.
“Most malware infection incidents right now happen in Latin America, but it doesn’t mean that developed countries are safe from this threat”, says Denis Gasilin, Head of marketing in SafenSoft, self-service device information security solutions developer. “To make matters worse, even the EMV standard that makes traditional skimmers useless offers no protection against software skimmers currently employed by some cybercriminals. Many Trojans have the capabilities to disable traditional protection installed on the ATM and to remove itself from the system leaving no trace after crime is committed. Software integrity control for the ATMs becomes more important with every passing day.”
August 08, 2014
All news |
Print this page
July 11, 2014
October 10, 2014