NCR Atleos

Direct Memory Access (DMA) attacks

Important information

‍

Dear valued customer,

Please be advised that NCR Atleos is updating guidance in relation to the PCIe expansion bus present in the motherboards of some NCR Atleos cores and M.2 slots used in other NCR Atleos cores. We are now advising that the PCIe expansion bus must be disabled to prevent possible logical attacks, specifically Direct Memory Access (DMA) attacks. Additionally, M.2 ports used in other cores must be turned off if not in use.

In the Estoril, Skylake, and Kabylake NCR Atleos core environments, the capability exists to plug in PCIe cards for additional functions. NCR Atleos is advising that an attacker with physical access to the PCIe bus (utilized for plug in cards) has the potential to perform a DMA attack to add malware into memory or scrape data. NCR Atleos is therefore updating our guidance as stated below:

The PCIe bus must be disabled.
We do not advise the usage of additional PCIe cards.
Newly released BIOS versions should be utilized to disable the PCIe bus.
Where PCIe cards are still being utilized, we recommend pursuing a migration path to a solution which utilizes more modern, secure technology such as USB, and then disables the PCIe interfaces.

For the NCR Atleos Cometlake core environment, PCIe slots have been removed, but M.2 ports are present for usage with SSD storage devices and can also represent a DMA attack risk. Please be advised of the below:

Protection against DMA attacks is enabled by default if NCR Atleos OEM image is in use on the Cometlake core.
If NCR Atleos OEM image is not currently in use, Kernel DMA protection should be switched on within Windows settings.
If M.2 ports are not being used, NCR Atleos advises that M.2 ports must be disabled through utilization of a new version of NCR Atleos BIOS.

NCR Atleos strongly recommends that FULL logical protection is applied as per the latest NCR Atleos Logical security whitepaper to ensure layered protection against different attacks. Updating to the new versions of BIOS for supported NCR Atleos Cores is part of this holistic defense.

If you have any questions or concerns, please reach out to your NCR Atleos representative.

Thank you for your continued partnership,

NCR Atleos Security Team

Sign up for NCR Atleos Security Updates

As part of our commitment to ATM security, we regularly provide alerts and updates to the market on global ATM security issues and situations.
We issue alerts when:

We receive reports of new ATM attacks
We receive reports of modifications to ATM attack methods
Industry compliance issues require actions by ATM deployers

Keep yourself fully informed by signing up today.

First name*

Last name*

Email*

Company*

Country*

Title*

Click here to opt-in to NCR Atleos Security Updates*

*By checking the subscription box, you agree to receive emails from NCR Atleos about products, updates and promotions that may be of interest to you. You can withdraw your consent at any time by clicking here to manage your subscription choices, and click here to access NCR Atleos’s Privacy Policy.

Submit

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.