Cyber-crime gang held over plot to rob millions from bank
Published 14/09/2013 | 05:00
An audacious bid to hack into a high-street bank's computer system and steal millions of pounds has been foiled.
A man posing as a British Telecom engineer is understood to have entered a branch of the Santander bank in Surrey Quays, south east London, where he allegedly attempted to install a device that would have allowed hackers to access its network from outside.
Known as a keyboard video mouse (KVM), the gadgets, which fit into the back of a machine, can cost as little as £10 (€12) and are widely available in computer stores or online.
As well as recording keyboard activity, users can send commands to the computer from elsewhere. They are often used by jealous lovers to spy on their partner's online activity, but are also used by company IT departments to access several computers from one remote machine.
The gang, which was allegedly operating out of a small office in a shed in Hounslow, west London, were suspected of planning to use wi-fi in order to connect to the device and transfer funds electronically.
Had the plot been successful, police believe the hackers could have had access to millions of pounds of customer funds.
But the plan was foiled following an intelligence-led operation by the Metropolitan Police's special e-crime unit.
They tipped the bank off that it was being targeted by hackers, although they were not sure which branch. Just hours after the bogus engineer attempted to fit the device to the computer server, officers from Scotland Yard swooped, arresting 12 men on suspicion of conspiracy to steal. Internet security expert Graham Cluley said while very simplistic, such a plot could have been highly effective.
He said: "The worry is these things are very difficult to detect, because anti-virus software is no use.
"You have to actually spot the device, and not many people bother looking behind the back of their computer.
"If they had got away with it, the hackers could have moved a large sum of money into another account and spirited it somewhere else in the world before anyone had realised what had happened."
He added: "Cyber crime can be carried out by robbers on the other side of the world."
Police arrested 11 men aged between 23 and 50 in the Hounslow area of west London and also detained a man aged 34 at an address in Vauxhall Bridge Road in Central London.
Detective Inspector Mark Raymond, of Scotland Yard's police central e-crime unit, said: "This was a sophisticated plot that could have led to the loss of a very large amount of money from the bank and is the most significant case of this kind that we have come across."
A spokesman for Santander insisted the bogus engineer had not managed to install the device and no customer money was at risk and no staff member of Santander was involved.
He added: "Like all high street banks, Santander works very closely with the police and other authorities to help prevent fraud. Through this co-operation, Santander was aware of the possibility of the attack connected to the arrests. "We are pleased that we have been able, through the robustness of our systems, to prevent the fraud and help the police gather the evidence they needed to make the arrests." The 12 men arrested were being questioned at a London police station. (© Daily Telegraph, London)