Cybersecurity multinational Kaspersky Lab has launched an enterprise-grade, dedicated automatic teller machine (ATM), point-of-sales (PoS) and point-of-service machine protection and detection system for Windows-based platforms, called Kaspersky Lab Embedded Systems Security.
ATMs are usually connected to a network by means of slow third- generation and wireless channels and are always geographically scattered. This presents additional security and management challenges. Simultaneously, compliance requirements are very broad, yet do not necessarily afford the required level of protection for banks and their clients, says Kaspersky Lab Embedded Systems Security Solution business lead Dmitry Zveginets.
While ATMs and PoS terminals are very diverse, they share similar qualities. Typically, these machines are dedicated to a specific task and carry a very limited number of software programs. These machines are also usually limited-performance computers, often running outdated operating systems and software like Windows XP.
“Upgrade cycles for ATM and PoS fleets are slow, and it is not uncommon to find a perfectly working machine that was built more than ten years ago, running similarly outdated software. The first challenge the security system design team had to overcome involved getting the most up-to-date security technologies to run on machines with very limited capacity.”
The new product is compatible with seven generations of computer hardware, which protects the systems even without an Internet connection, and is highly flexible, in order to meet the unique demands of financial organisations as well as comply with regulations.
“The solution has some of the lowest system requirements and can run on systems with only 256 MB of memory and just 50 MB of disk space. It protects these machines from cyberthreats – be it remote attacks or the on-site compromise of a system via USB sticks,” he says.
Further, Kaspersky Lab included advanced protection technologies, such as the Default Deny mode, that improve financial security. The special Default Deny mode blocks attempts to run any unauthorised executable code or drivers on ATMs and PoS terminals.
Kaspersky Lab Embedded Systems Security offers centralised reporting and management.