ATM Risk Is Minimal
Contrary to the doomsday or Y2K-like predictions of a serious attack targeting Automated Teller Machines, security experts told CRN that the threat is overblown. ATMs run a lightweight, embedded version of Windows XP that lacks many of the features and capabilities commonly exploited by attackers. Many ATMs also are protected with custom whitelisting software, locking down the tiny environment. Any code attempting to execute that would not likely trigger the machine to go offline, said FishNet Security’s Hicks. Up until now, Hicks said most threats against ATMs have been theoretical, and most documented attacks require local access to the system.