Indian banks are not worried as Microsoft pulls the plug on Windows XP, its ageing operating system (OS), nearly 12 years after it was launched.
The world’s largest software-maker will stop offering technical support for the OS, which is also its most popular, from midnight Tuesday.
In April last year, Microsoft announced its intention to withdraw support to OS. This means that corporates and personal users of the OS cannot now rely on firewalls and anti-virus software to protect their machines from malware (malicious software).
According to industry sources, India had about 1.15 lakh ATMs as on March 31, 2013, of which, an estimated 20 per cent were on Windows XP. With the financial sector being in upgrading systems mode, experts do not believe much has changed.
“None of the ATMs are exposed to the external servers, but linked to the internal servers of the banks. For certain big banks, upgradation of systems requires time and incurs a cost. Banks are working on the upgradation, but at the same time looking at minimising the costs,” Tanksale added.
The banks and financial institutions are among the major users of the OS and are also among the slowest to upgrade to newer versions such as Windows 7 or Windows 8. “Overall, the costs and number of systems to be upgraded are insignificant as far as Union Bank is concerned as most of our systems get upgraded every 2-3 years. About one-third of our computers get replaced each year and gradually we will upgrade it completely. It is not a threat to the operations immediately,” said K Subrahmanyam, Executive Director of Union Bank.
Many other bankers concurred. But is the threat real?
“Yes, there is a threat. Banks are finding a way with anti-virus or update patches… The systems will continue to work till the lifecycle of the device ends,” said Vishal Tripathi, Principal Research Analyst at Gartner.
Higher cost The banks are staying away due to the cost involved, as they have thousands of devices to be upgraded, Tripathi added.
Ajay Dubey, Manager, South India of Websense, said “If the systems are not upgraded, they would be vulnerable to attacks. Large organisations would have IT budgets, and so finances shouldn’t be the issue, but the effort involved to update all machines would take its toll.” As analysts add with security threats lurking around, it would be better to be safe than sorry.