sb-au logo
Story image

Kaspersky improves security for ATMs and PoS systems

Kaspersky has launched a new version of its Embedded Systems Security which has improved security for ATMs in remote areas with a 2G internet connection.

In fact, its technical requirements for speed starts from 56 kbp/s. The solution provides advanced protection for ATMs and PoS (point of sale) systems, and other Windows-based embedded devices.

With the new version, the solution can be remotely managed and updated on devices in remote areas to ensure continual service availability. Notably, the new version can detect and block against port scanning, bruteforce and denial of service and network exploits.

Port scanning is where cyber criminals search for open ports, services running on them and vulnerabilities of these services. The gained information allows malefactors to choose an effective attack vector.

Bruteforce is where cyber attackers target an active Remote Desktop Protocol (RDP) on an ATM or PoS, and use this for gaining access to the device by trying to guess the right password through submitting multiple character combinations to the service.

Finally, Denial of Service and network exploits are attacks by cyber criminals where they send a large amount of data or data in a format that cannot be handled by an application, in order to stop the work of an embedded device or abuse an unpatched vulnerability to initiate an infection.

The new version also includes a new Network Threat Protection component to prevent attacks on a network layer. Essentially, this feature monitors inbound and outbound traffic to detect suspicious network activity and blocks the communication between the device and the source of malicious network activity.

Statistics from the Kaspersky Security Network in 2019, with data captured from Kaspersky solutions, noted that the amount of malware targeting embedded systems grew by 40% compared to figures from 2018, indicating that ATMs, PoS and other similar systems became a target for cybercriminals.

Kaspersky also noted that protecting these devices is challenging when they reside in remote locations where a wireless modem is used for internet connection and the area has poor cellular coverage or is not covered by modern wireless standards (such as 3G and above).

According to Kaspersky, certain issues regarding traffic overloading or malicious actions could be severely detrimental in such a situation, resulting in the device being unstable or unable to function as needed.

In order to resolve such issues, Kaspersky has optimised the volume of traffic shared by Kaspersky Embedded Systems Security to reduce the payload.

Typically, the server periodically sends security policies to the ATM, which returns the applied settings. It allows for monitoring to show that the policies were not changed.

With the updated Kaspersky Embedded Systems Security, the ATM would not send the whole of the acting policies back to the server, thus reducing the intensity of the data exchange.

However, this doesn't affect control over the device, as the ability to change these policies on the cash machine is strictly regulated by the security solution.

This solution, and other data exchange optimisations, ensures that functions continue to run even in regions where only a low speed internet connection, such as that provided by the 2G standard, is available.

Kaspersky senior B2B product marketing manager Oleg Gorobets says, “Some people prefer to pay with cash, and in some places, there is just no other option. This means people’s daily lives depend on access to physical currency.

"So, banks need to provide their customers with means for withdrawing money. Our clients from the banking industry, as they take care of this need, find themselves facing the issue of poor internet connectivity in remote areas.

"This can affect the quality of their service, which is supposed to be delivered both conveniently and securely. In order to help them solve this problem, we have included low bandwidth tolerance to the list of optimisations we made in the new version of Kaspersky Embedded Systems Security.”

Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
SMBs seeking service providers in face of rising cyber threats
SMBs are struggling with their cybersecurity solutions, with three quarters worried about being the target of a cyberattack in the next six months, and 91% considering using or switching to a new IT service provider if offered a better option.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Link image
How to better protect your organisation's most valuable asset - its data.
Data resilience strategies are becoming increasingly critical in relation to the skyrocketing value of data and the proliferation of malicious entities wishing to steal it.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More