Big corporations are the slowest to adopt new technologies, and understandably so because it takes a lot of time and resources to do a complete overhaul of a company’s system. Then there is also the learning curve and the costs associated with it, and for such reasons, big corporations tend to delay upgrading to new systems for as long as possible.
Well, it seems time will arm twists banks into upgrading to newer operating systems for their ATMs; lots of banks still run Windows XP on their ATMs. If 2017’s major vulnerability with the Wannarcry ransomware didn’t teach them a lesson, here’s a new one that ought to compel them to change their minds.
A Russian has discovered a fatal vulnerability in Windows XP that could enable hackers to take control of ATMs that still run on these old OS. He shared his finding in a blog post, explaining how pressing the Shift key five times triggers the Sticky Keys and opens a door for hackers to gain access to the entire Operating System and then deploy malicious software and can even modify the ATM boot scripts.
He demonstrates this vulnerability on the state-owned bank Sberbank, who’s ATMs are still running on Windows XP. The Sberbank has not responded to his attempts to notify them of the vulnerability, and despite alerting the bank weeks ago, he performed the same trick later on, and it still worked.
Microsoft has increasingly urged banks and corporations to upgrade their systems to the latest Windows 10 OS as they no longer support Windows XP.