Solved

Hardening guide / standard used on ATM machines

Posted on 2016-07-17
4
218 Views
Last Modified: 2016-07-19
Q1:
Anyone can point me to such a standard / guide?
In particular those used by Wincor Nixdorf or IBM or NCR (anyone of them).

Q2:
Are these ATMs running on custom Linux or custom Windows or proprietary OS mostly?
0
Comment
Question by:sunhux
  • 2
4 Comments
 
LVL 47

Accepted Solution

by:
dbrunton earned 210 total points
ID: 41715878
0
 
LVL 7

Assisted Solution

by:Fouad Maidine
Fouad Maidine earned 200 total points
ID: 41715923
Europol  has a general hardening guide for all ATM'S , check the page 7 of this document for what to do (its a 10 page document) :

http://www.ncr.com/wp-content/uploads/EuroPol_Guidance-Recommendations-ATM-logical-attacks.pdf


Anti skimming solutions for ATM :

http://ec.europa.eu/internal_market/fpeg/docs/annex2_askimmingdevices.pdf

This is gold : the atmia association has a file on "ATM Software Security Best Practices Guide Version 3"  :
https://www.atmia.com/files/Best%20Practices/ATMIA%20Best%20Practices%20v3.pdf

their website has a lot of usefull whitepapers as well

For your second question :

Most of the old text based ATM's used IBM's OS/2, then some migrated to nt/XP after then end of service of xp some updated to 7 , others to linux , others kept xp .

You can read more on that and the statistics for some users at the atmia association website
0
 
LVL 7

Assisted Solution

by:Fouad Maidine
Fouad Maidine earned 200 total points
ID: 41715926
+ you need to search for manuals of specific models , this is too general to link , + i think you would need to register on the web sites of the manufacturers of the atm
0
 
LVL 12

Assisted Solution

by:DarinTCH
DarinTCH earned 90 total points
ID: 41716283
So there are physical hardening parameters that are machine / hardware specific as mentions

Otherwise it is the OS - yes still Windows XP

So check some of the standards rods like NIST

http://csrc.nist.gov/itsec/SP800-68r1.pdf
And older link from infosec
http://infosecawareness.in/sysadmin/windows-xp-hardening

And links to discussions here
https://www.experts-exchange.com/questions/23263787/XP-OS-Hardening.html
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now