WASHINGTON (3/28/14)--ATMs could become vulnerable on April 8 when Microsoft stops providing regular security patches, technical assistance and support for its Windows XP operating system, the Credit Union National Association continues to remind credit unions.
"Credit unions have probably tired of the reminder notices and news headlines at this point, but it bears repeating just the same: ATM owners will need to upgrade their machines to Windows 7 to ensure continued technical support for their terminals, and to remain compliant with Payment Card Industry Data Security Standards," CUNA Senior Director of Compliance Analysis Valerie Moss said in a recent CompBlog post.
Failure to upgrade could expose ATMs and other devices to increased security risks. And, it won't take hackers very long to exploit these vulnerabilities. However, Moss stressed, Microsoft's decision to stop Windows XP support does not mean that personal computers, ATMs and other devices will cease to operate on April 8 without an upgrade.
The Federal Financial Institution Examination Council (FFIEC) has outlined risk-management processes to address the risk from continued use of XP. Those processes are:
Moss advised that credit unions be ready to respond to member inquiries about the ATM upgrade issue.
"CUNA has been in contact with strategic partners that have been educating credit union ATM owners on upcoming changes for the past year. So, your vendors should be able to address any questions you have regarding the XP sunset and/or the security of your ATMs," she said.
Use the resource link for more on this ATM security issue.