sb-eu logo
Story image

Kaspersky improves security for ATMs and PoS systems

Kaspersky has launched a new version of its Embedded Systems Security which has improved security for ATMs in remote areas with a 2G internet connection.

In fact, its technical requirements for speed starts from 56 kbp/s. The solution provides advanced protection for ATMs and PoS (point of sale) systems, and other Windows-based embedded devices.

With the new version, the solution can be remotely managed and updated on devices in remote areas to ensure continual service availability. Notably, the new version can detect and block against port scanning, bruteforce and denial of service and network exploits.

Port scanning is where cyber criminals search for open ports, services running on them and vulnerabilities of these services. The gained information allows malefactors to choose an effective attack vector.

Bruteforce is where cyber attackers target an active Remote Desktop Protocol (RDP) on an ATM or PoS, and use this for gaining access to the device by trying to guess the right password through submitting multiple character combinations to the service.

Finally, Denial of Service and network exploits are attacks by cyber criminals where they send a large amount of data or data in a format that cannot be handled by an application, in order to stop the work of an embedded device or abuse an unpatched vulnerability to initiate an infection.

The new version also includes a new Network Threat Protection component to prevent attacks on a network layer. Essentially, this feature monitors inbound and outbound traffic to detect suspicious network activity and blocks the communication between the device and the source of malicious network activity.

Statistics from the Kaspersky Security Network in 2019, with data captured from Kaspersky solutions, noted that the amount of malware targeting embedded systems grew by 40% compared to figures from 2018, indicating that ATMs, PoS and other similar systems became a target for cybercriminals.

Kaspersky also noted that protecting these devices is challenging when they reside in remote locations where a wireless modem is used for internet connection and the area has poor cellular coverage or is not covered by modern wireless standards (such as 3G and above).

According to Kaspersky, certain issues regarding traffic overloading or malicious actions could be severely detrimental in such a situation, resulting in the device being unstable or unable to function as needed.

In order to resolve such issues, Kaspersky has optimised the volume of traffic shared by Kaspersky Embedded Systems Security to reduce the payload.

Typically, the server periodically sends security policies to the ATM, which returns the applied settings. It allows for monitoring to show that the policies were not changed.

With the updated Kaspersky Embedded Systems Security, the ATM would not send the whole of the acting policies back to the server, thus reducing the intensity of the data exchange.

However, this doesn't affect control over the device, as the ability to change these policies on the cash machine is strictly regulated by the security solution.

This solution, and other data exchange optimisations, ensures that functions continue to run even in regions where only a low speed internet connection, such as that provided by the 2G standard, is available.

Kaspersky senior B2B product marketing manager Oleg Gorobets says, “Some people prefer to pay with cash, and in some places, there is just no other option. This means people’s daily lives depend on access to physical currency.

"So, banks need to provide their customers with means for withdrawing money. Our clients from the banking industry, as they take care of this need, find themselves facing the issue of poor internet connectivity in remote areas.

"This can affect the quality of their service, which is supposed to be delivered both conveniently and securely. In order to help them solve this problem, we have included low bandwidth tolerance to the list of optimisations we made in the new version of Kaspersky Embedded Systems Security.”

Story image
Malware attacks abusing machine identities grew eightfold over the last 10 years - report
"Machine identity capabilities have become commoditised and are being added to off-the-shelf malware, making it more sophisticated and harder to detect."More
Story image
CrowdStrike uncovers key cybersecurity findings following COVID-19
Businesses around the world see cybersecurity as a top investment following a mass move to remote working, and it is expected that technology budgets will rise despite uncertain economic times.More
Story image
A third of millennials think they're 'too boring' to be victim of cyber attack
While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.More
Story image
42% more plaintext HTTP servers than HTTPS counterparts - report
Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.More
Story image
Why greater network visibility is needed to reduce the threat posed by IoT in the enterprise
At home and abroad, organisations have joined the rush to embrace Internet of Things (IoT) technology, but a new survey shows they’re only just beginning to wake up to the enormous risk those devices pose, writes ExtraHop A/NZ Regional Sales Manager Glen Maloney.More
Story image
80% of security breaches involve exposure of customer data - IBM
The new report from IBM indicates that 80% of surveyed organisations reported having exposed customers’ personally identifiable information (PII) as a result of a breach.More