"The outbound traffic from the ATM was stopped -- limited, from a network standpoint -- and effectively isolated," said Nick Billett, Diebold's director of software engineering.
"In many cases, the machines were cleaned up that day."
A patch for the critical RPC DCOM hole had been available from Microsoft
for over a month at the time of the attack, but Diebold
had neglected to install it in the infected machines.Billett
defended the company's patching process, which he
said involves testing each new bug fix, and deploying at a wide variety of institutions with a mix of network architectures."A lot of those machines actually have to be visited by a service technician" to be patched, said Billett
."Our experience in the past is we are able to turn those around in one or two days."
In this case, the two affected financial institutions, which Diebold
declined to name, somehow slipped thought the cracks, said Billett