Worm hits Windows-based ATMs
Reuters
December 9, 2003, 4:30 AM PT
URL: http://zdnet.com.com/2100-1105-5117285.html
Automated teller machines at two banks running Microsoft's popular
Windows software were infected by a computer virus in August, the maker
of the machines said Monday.
The ATM infections, first reported by SecurityFocus.com, are believed to
be the first of a computer virus wiggling directly onto cash machines.
Computer security experts predicted more problems to come as Windows
migrates to critical systems consumers rely on.
An unknown number of ATMs running Windows XP Embedded were shut down
during the spread of the so-called Nachi worm, said executives at
Diebold, which made the ATMs and refused to name the customers affected.
The Nachi worm, also dubbed "Welchia," was written to clean up after the
MSBlast, or Blaster, worm. Instead it crippled or congested networks
around the world, including the check-in system at Air Canada. Both
worms spread through a hole in Windows XP, 2000, NT and Server 2003.
In January, the SQL Slammer worm led to technical problems that
temporarily kept Bank of America's customers from their cash, but did
not directly cause the ATM outage.
"It's a harbinger of things to come," said Bruce Schneier, chief
technical officer of network monitoring company Counterpane Internet
Security.
"Specific-purpose machines, like microwave ovens and until now ATM
machines, never got viruses," said Schneier, author of "Beyond Fear:
Thinking Sensibly About Security in an Uncertain World." "Now that they
are using a general purpose operating system, Diebold should expect a
lot more of this in the future," he said.
John Pescatore, an analyst at Gartner, agreed.
"It's a horrendous security mistake," he said of specific-purpose
machines like ATMs running Windows, which is written for general-purpose
computers and for which Microsoft releases security fixes on a regular
basis. "I'm a lot more worried about my money than I was before this."
Diebold switched from using IBM's OS/2 on its ATMs because banks were
requesting Windows, said Steve Grzymkowski, senior product marketing
manager at Diebold.
"They have been asking us to ship ATMs with Windows because of the
graphics capabilities. They want a common look between the ATMs and
Web-banking sites," he said. "Another advantage is they are familiar
with Windows."
To help prevent future problems Diebold is shipping ATMs with firewall
software designed to block out viruses and other attacks, he said.
"As far as it happening again, I wouldn't want to speculate on that,"
Grzymkowski said.
Schneier and Pescatore said they were worried about the security of
other Windows-based Diebold appliances--voting machines, which run
Windows CE.
But a Diebold representative said the company's voting machines are not
used on a network, so "that is currently not an issue."
Story Copyright © 2003 Reuters Limited. All rights reserved.
------------------------ Yahoo! Groups Sponsor ---------------------~-->
Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
http://www.c1tracking.com/l.asp?cid=5511
http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/kgFolB/TM
---------------------------------------------------------------------~->
------------------
http://all.net/
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Received on Wed Dec 10 10:47:10 2003
This archive was generated by hypermail 2.1.8 : Wed Dec 10 2003 - 11:05:27 PST