The Nachi worm compromised cash machines at two financial institutions last August, according to Diebold, which manufactured the Windows-based automatic teller machines. The event is being called the first confirmed case of malicious code penetrating cash machines, according to Security Focus. The two financial institutions were not identified, and the infected machines were quickly isolated when they began scanning the ATM networks, triggering intrusion detection systems, according to Diebold.
The Nachi worm exploited an RPC DCOM hole for which Microsoft issued a patch a month prior to the worm’s release; Diebold neglected to install that patch on the infected machines. Last week Diebold announced that it will include Sygate Security Agent software with all its new ATMs and offer to install Sygate agents on its existing Windows-based ATMs.
About 12 percent of ATM systems currently run on Windows-based operating systems, according to industry analysts, who expect many financial institutions to shift from IBM’s OS/2 to Windows in the next few years, with some projections suggesting Microsoft’s share of the ATM market could reach 65 percent by 2005.
Netcraft can audit banks’ own web applications for design errors and erroneous functionality.