Security alerts

Keep up with our latest security updates.

Direct Memory Access (DMA) attacks

Important information

Dear valued customer,

Please be advised that NCR Atleos is updating guidance in relation to the PCIe expansion bus present in the motherboards of some NCR Atleos cores and M.2 slots used in other NCR Atleos cores. We are now advising that the PCIe expansion bus must be disabled to prevent possible logical attacks, specifically Direct Memory Access (DMA) attacks. Additionally, M.2 ports used in other cores must be turned off if not in use.

In the Estoril, Skylake, and Kabylake NCR Atleos core environments, the capability exists to plug in PCIe cards for additional functions. NCR Atleos is advising that an attacker with physical access to the PCIe bus (utilized for plug in cards) has the potential to perform a DMA attack to add malware into memory or scrape data. NCR Atleos is therefore updating our guidance as stated below:

  • The PCIe bus must be disabled.
  • We do not advise the usage of additional PCIe cards.
  • Newly released BIOS versions should be utilized to disable the PCIe bus.
  • Where PCIe cards are still being utilized, we recommend pursuing a migration path to a solution which utilizes more modern, secure technology such as USB, and then disables the PCIe interfaces.

For the NCR Atleos Cometlake core environment, PCIe slots have been removed, but M.2 ports are present for usage with SSD storage devices and can also represent a DMA attack risk. Please be advised of the below:

  • Protection against DMA attacks is enabled by default if NCR Atleos OEM image is in use on the Cometlake core.
  • If NCR Atleos OEM image is not currently in use, Kernel DMA protection should be switched on within Windows settings.
  • If M.2 ports are not being used, NCR Atleos advises that M.2 ports must be disabled through utilization of a new version of NCR Atleos BIOS.

NCR Atleos strongly recommends that FULL logical protection is applied as per the latest NCR Atleos Logical security whitepaper to ensure layered protection against different attacks. Updating to the new versions of BIOS for supported NCR Atleos Cores is part of this holistic defense.

If you have any questions or concerns, please reach out to your NCR Atleos representative.

Thank you for your continued partnership,

NCR Atleos Security Team