UK police: Cyber crooks could have stolen millions

Sep 14, 2013 by Raphael Satter

(AP)—A daring attempt to graft a rogue piece of hardware onto a computer at a London branch of Spanish bank Santander could have drained millions from its coffers, police said Friday, an indication of the potential for electronic crime to tear huge chunks off financial institutions' balance sheets.

London and Santander said in a joint statement that 12 suspects were arrested Thursday following an attempt by a bogus maintenance engineer to install a keyboard-video-mouse—a device typically used to control several computers at once—onto one of the bank's computers at a branch located in a south London shopping center.

Few other technical details were released, but the statement said that the hardware would have allowed the transmission of the entire computer's desktop and "allowed the suspects to take control of the bank's computer remotely."

Writing on the blog of Internet Sophos, John Hawes said it wasn't clear how much damage the would-be robbers might have done "even with access to a workstation."

"If the systems were well controlled, secured and monitored, there should still have been plenty of obstacles to overcome before they could find their way into sensitive parts of the network, and move virtual cash out of the bank's systems," he said.

Police said they took the attempted robbery very seriously. In their statement, Det. Insp. Mark Raymond described it as a "sophisticated plot that could have led to the loss of a very large amount of money from the bank." The force put the potential losses in the millions of pounds—although it stressed that no money was ever withdrawn.

It's not clear from the statement whether the person masquerading as an engineer was arrested at the scene. Police said that all but one of the 12 suspects, ranging in age from 23 to 50, were apprehended in the same west London neighborhood.

The scale of the potential theft is another reminder of the huge amounts that can be stolen by tech-savvy criminals. U.S. investigators say that one gang operating across 27 countries recently managed to steal $45 million in two separate sprees after compromising payment systems used by two Middle Eastern banks.

The suspects in the latest heist remain in custody. Police said searches were being carried out in six different locations in the greater London area. Santander said none of its staff were involved in the attempted heist.

Explore further: Twitter looks to weave into more mobile apps

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Operation Zombie arrests teen hacker in Argentina

Sep 13, 2013

(AP)—Argentine police say they have arrested an alleged 19-year-old hacker on suspicion of leading a network specialized in fraud and complex financial transactions that led to security breaches at numerous websites.

World grapples with rise in cyber crime

May 11, 2013

International law enforcement agencies say the recent $45 million dollar ATM heist is just one of many scams they're fighting in an unprecedented wave of sophisticated cyberattacks.

Japan police chief climbs down over cyber arrests

Oct 18, 2012

Japan's most senior policeman began an embarrassing climbdown Thursday after his officers arrested four people over cyber threats issued when their computers were apparently hacked.

In info age, Belgian diamond heist is a throwback

Feb 19, 2013

(AP)—At a time when many robberies take place at the click of a mouse, a group of jewel thieves has shown there's still a potential payoff for old-fashioned criminals willing to use disguises, planning ...

LA thieves nabbed with 'find my phone' app

Nov 22, 2011

Police in California probing an armed robbery arrested two suspects by using the "Find My Phone" app on her stolen iPhone to locate the device, a spokeswoman said Tuesday.

Hackers stole $45 million in bank card breach (Update)

May 09, 2013

A worldwide gang of criminals stole $45 million in a matter of hours by hacking their way into a database of prepaid debit cards and then draining cash machines around the globe, federal prosecutors said—and ...

Recommended for you

Twitter looks to weave into more mobile apps

17 hours ago

Twitter on Wednesday set out to weave itself into mobile applications with a free "Fabric" platform to help developers build better programs and make more money.

Google unveils app for managing Gmail inboxes

19 hours ago

Google is introducing an application designed to make it easier for its Gmail users to find and manage important information that can often become buried in their inboxes.

Fighting cyber-crime one app at a time

Oct 22, 2014

This summer Victoria University of Wellington will be home to four Singaporean students researching cyber threats. The students have been working with Dr Ian Welch, a lecturer in Victoria's School of Engineering and Computer ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

alfie_null
not rated yet Sep 14, 2013
Banks should treat their IT assets as if they were gold bullion. Lock them away and strictly controlled physical access.
dtxx
1 / 5 (3) Sep 14, 2013
Some details are missing here. Installing a KVM is meaningless by itself and doesn't represent a security risk. It won't give you access unless you are within the length of the cable, so they'd still have to be within 10 feet of the computer. They would need an insider or equipment on the inside to make any use of it.
kochevnik
1 / 5 (3) Sep 15, 2013
Only banksters should be allowed to steal, as they tried with some Russian bank accounts in Greece. After a few attitude adjustments, the banksters returned the Russian funds in exchange for free health insurance