Thursday 21 September 2017

Eight arrested over £1.3 million theft by gang who took control of bank's computer system

A general view of the Barclays bank in Swiss Cottage, London
A general view of the Barclays bank in Swiss Cottage, London
Undated handout photo issued by the Metropolitan Police of a KVM device, as eight men have been arrested in connection with a £1.3million theft
A general view of the Barclays bank in Swiss Cottage, north London

Eight men have been arrested in connection with a £1.3 million theft by a gang who took control of a bank branch computer system.

The men, who are aged between 24 and 47, have been arrested in connection with an allegation of conspiracy to steal from Barclays Bank, and conspiracy to defraud UK banks. They are in custody in London police stations.

Cash, jewellery, drugs, thousands of credit cards and personal data have been seized in searches at addresses in Westminster, Newham, Camden, Brent and Essex.

Detectives described one of the addresses in central London as the fraudsters' control centre.

A search of the Barclays Bank branch in Swiss Cottage, north London, where £1.3 million was stolen in April, unearthed a ''keyboard video mouse'' (KVM) switch attached to a 3G router to one of the computers. A KVM switch would allow the fraudsters to transmit desktop content.

It is alleged one of the plotters posed as an engineer, saying he was there to fix computers.

The KVM could allow someone to control a number of computers.

It is believed the gang could have been using the gadget to transfer money remotely into different bank accounts.

Metropolitan Police detective inspector Mark Raymond said: "Those responsible for this offence are significant players within a sophisticated and determined organised criminal network, who used considerable technical abilities and traditional criminal know-how to infiltrate and exploit secure banking systems."

The arrests are the latest in a series of cyber crimes targeting banks in an attempt to steal millions of pounds.

A gang is alleged to have tried to use the KVM gadget to take control of all the computers at a branch of Santander in Surrey Quays shopping centre in south east London. The attempt failed and the Spanish bank said they were unable to steal any money.

Four men - Lanre Mullins-Abudu, 25, from Putney, south west London; Dean Outram, 34, from north west London; Akash Vaghela, 27, from Hounslow, west London; and Asad Ali Qureshi, 35, from south west London - are to appear on conspiracy to steal charges at London's Southwark Crown Court on September 27.

Eight other people have been bailed to a date in mid-November pending further inquiries.

A "big mixture of nerdiness and having some nerves" would be needed to try to pull off this type of fraud, according to internet security expert Graham Cluley.

Since part of the crime involves walking into a branch and attaching the gadget to a computer, this would need "a bit of bottle on the part of the criminal but you would have to be technical on the other end to be able to get the information".

Valuable data such as access to keyboard strokes and what is happening on-screen could be obtained, according to Mr Cluley.

A KVM would be about 8ins by 6ins by 3ins in size and would probably look like "another anonymous box with loads of wires", he noted.

He said: "They (would-be criminals) would need physical access to your computer and the best way to do that is to be part of the cleaning staff or part of the IT team and to just work in the office and plug the thing in.

"With human nature being what it is, people do not often confront people they see as new in these roles in their office.

"Organisations need to have proper physical security in place and foster an attitude so staff can challenge people and say 'Where is your pass?'.

"It is not just money that could be stolen, but also data."

The Barclays theft is being dealt with by the same investigation team that is dealing with the Santander attempted robbery, as part of the same police operation.

Police believe the gang that targeted Barclays had a "control room" in Seymour Place, Marylebone, central London.

Detective Superintendent Terry Wilson said he believes that one of the men who is under arrest is the "Mr Big" of UK cyber crime.

Alex Grant, Barclays managing director of fraud prevention, said: "Barclays has no higher priority than the protection and security of our customers against the actions of would-be fraudsters.

"We have been working closely with the Metropolitan Police following a security breach at our Swiss Cottage branch in April 2013. We identified the fraud and acted swiftly to recover funds on the same day.

"We can confirm that no customers suffered financial loss as a result of this action."

Press Association

Editors Choice

Also in World News