Banks to pay Microsoft millions to keep cash machines running Windows XP

April deadline looms large but 95 per cent of all ATMs still run the ancient OS.

Windows cash machine

Banks around the world are set to stump up millions of pounds to Microsoft in a bid to keep their cash machines running after support for the venerable operating system runs out in April.

According to reports by Reuters, only a third of cash machines running will have upgraded to Windows 7 by the April deadline. There are around 2.2 million machines worldwide and currently 95 per cent of them run XP.

The move to buy support will cost millions as the banks look for ways to protect the machines from hackers and malware.

Sridhar Athreya, London-based head of financial services advisory at technology firm SunGard Consulting told Reuters that for British banks alone, the cost of extending support for Windows XP would be around 50 to 60 million.

It is said that five of the UK's largest banks; Lloyds Banking Group, RBS, HSBC, Barclays and Santander UK, have arranged or are in the process of arranging extended support for Windows XP from Microsoft.

"There are certainly large enterprise customers who haven't finished their migrations yet and are purchasing custom support," a spokesman for Microsoft told a Reuters reporter.

The PCI Council, which oversees security standards for the card payments industry, has warned financial firms that they must upgrade old operating systems as soon as possible.

"Don't make yourself an easy target, talk to your technology provider today and make sure your PC and systems are not putting your customers' confidential payment card data and your business at risk," the organisation warned.

Professor John Walker, director of CSIRT and Cyber Forensics at Integral Assurance said that its not the cost of the software, "but the cost of doing it that drives the need 'not-to-do'.

"In many cases they pay a fortune just to run virtual systems, as the legacy issues are so great, they can be massive in cost. However, whilst you can run from the upgrade in the short term, you must hit that wall of facing up to it one day. Its just putting off what you should do today until tomorrow."

Walker said that it raised questions over keeping aligned with PCI-DSS.

"How do such organisations can get away with it, in so many places, and for so long. I expect this is the case of, when is a 'Standard' not a standard - answer, when its called 'PCI'," he added.

Vincent Nola, interim head of financial services at Musgrave Retail Partners said the upgrade of a critical operating system is not looked at as revenue enhancing "but just a cost, so the incumbent directors who are responsible for the infrastructure push the problem down the road and then it is somebody else's problem."

"I find this amazing as retailers are being pushed to become PCI complaint, and rightfully so - look at the Target breach. But the institutions are not addressing their serious legacy issues, which will only get worse over time," he added.

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

26 Feb 2021