The threat environment is advancing exponentially, putting critical business processes, confidential data and financial resources at ever-increasing risk from zero-second attacks. To mitigate the risk to your business, you need to be smarter, better equipped and better informed than the cyber-professionals targeting you.


Today we see Embedded systems everywhere: in ticketing machines, ATMs, kiosks, Point of Sale systems, medical equipment… the list goes on. Embedded systems are a particular security concern as they tend to be geographically scattered, challenging to manage and rarely updated. They have to be fault tolerant and resistant, operating as they do with cash and with credit card credentials. Embedded devices must not just be protected against threats in themselves, but must not be accessible by cybercriminals or an inside attacker as an entry point into the corporate network.


Standard security regulations for Embedded devices tend to cover only antivirus based security or system hardening, which is not enough. A purely antivirus approach is of limited effectiveness against current Embedded systems threats, as has been amply demonstrated in recent attacks. Now is the time to apply well-proven technologies like Device Control and Default Deny, with an additional Antivirus module applied to critical systems where required.


Payment card systems are vulnerable to cyberattacks. Around 90% of all ATMs still run on the now unsupported Windows XP operating system. Point-Of-Sale (POS) middleware, individually developed by thousands of different individual developers, is largely unsecured.


Kaspersky Embedded Systems Security is specially designed to protect against ATM/POS oriented attacks.


Low-End OS & Hardware

Kaspersky Embedded Systems Security is fully operational and supported on all Windows operating systems, from the Windows XP family to Windows 10 IoT. Hardware requirements are as little as 256Mb of RAM and 50Mb of disk space.

Default Deny

ATM and POS systems are fixed passive systems undertaking strictly limited functions. By preventing drivers, libraries or non-approved applications from launching, attackers are denied access through these means.

Device Control

The most dangerous attacks on ATM and POS systems are closely associated with USB and CD-ROM access. Implementing a rigorous, comprehensive device access and control policy is the most effective form of risk mitigation.

Antivirus On-Demand

The solution can be installed in ‘Default Deny’ mode, minimizing hardware resource impact. An antivirus module, also providing on-demand scan controls, with optional real-time protection from Kaspersky Security Network, is also included.


Business Benefits

  • ATM & POS

    Kaspersky Embedded Systems Security is designed specifically for ATM and POS systems. It respects related hardware and efficiency considerations while simultaneously controlling and protecting the attack surfaces unique to these architectures.

  • Windows XP Challenge

    There is no need to upgrade from Windows XP. Kaspersky Embedded Systems Security supports all current Microsoft Windows Embedded and POS ready families, from the now-unsupported Windows XP family, to Windows 10 IoT.

  • Default Deny

    Powerful, effective protection is delivered through granular device controls and the full Default Deny mode operation for applications, drivers and libraries.

  • Anti-Virus

    Antivirus is provided as an optional module, if required. Once Kaspersky Embedded Systems Security is installed in Device Control and Default Deny mode, the additional antivirus is not always necessary.

  • Low Hardware Requirements

    There are low hardware requirements. The solution is designed to work on 256Mb RAM and 50Mb disk space while running in ‘Application Control only’ mode on Windows XP

  • Regulations

    PCI DSS requirements (v3.1 paragraphs 5.1, 5.1.1, 5.2, 5.3, 6,2) are covered by Kaspersky Embedded Systems Security

Malwares Targeting Financial Institutions