Mumbai: The RBI has directed banks to work their ATM networks only after machines receive a Windows update to safeguard them from a malware impacting systems around the world.
The directive was in reaction to the WannaCry ransomware that took down personal computers across the world locking up critical data and aggravating bitcoins as ransom for its release.
ATM machines are noticed as being vulnerable since the majority of them run on Windows OS. Also over 60% of the 2.25 lakh ATMs in the country runs the outdated Windows XP or Windows 7.
Microsoft has, although, issued a statement stating that this has developed and released a unique update for or windows 7 even though this particular version of its operating system isn’t any longer serviced by the company.
“RBI has asked banks to update specific Windows patches on ATMs urgently and not to operate ATM machines unless updates are in place,” said an official with a public sector bank. Banks have passed on the directive to their management service providers.
ATM operators, however, say that there’s no threat to customer data on money. “the goal of ransomware would be to shut down critical information in networks and give a wide berth to usage of this data.
When it comes to ATMs there is absolutely no data stored in the machine. Neither is their storage of any kind of logic that may block transactions.
“Even if a machine were to get affected it can be reformatted and put to use immediately,” said Manohar Bhoi, president (technology) at Electronic Payments and Services — a management services firm that handles ATMs for public sector banks.
Applying software patches is completed because of the vendors who provide you with the service of ATM operations. In accordance with Bhoi, this is often done remotely and usually, the vendors run their tests on the patch before an update.
In India, 102 personal computers associated with the Andhra Pradesh police were compromised on Saturday and a Nissan Renault plant production was stopped because of the malware.
There have been rumours of some computer system two south-based banks being attacked but there was clearly no verification from RBI and none regarding the banks have reported the incident.
In accordance with payment security specialist SISA’s associate VP Nitin Bhatnagar, the full impact would be known only on Monday considering that the attack happened on a weekend.
Meanwhile bitcoin wallets connected to the ransomware saw transactions worth $34,300 indicating that a small percentage of affected users were paying the ransom money.