KVM device used in widening plot to steal from London banks

Share this article:

Police may have thwarted one cyber heist on a London bank, but criminals using a similar scheme found success, allegedly stealing more than a million pounds from another financial institution in the city.  

On Friday, the U.K.'s Metropolitan Police Service (MPS) announced that eight men, between the ages of 24 and 47, were arrested that day and on Thursday for their alleged roles in the racket.

According to London police, the individuals were taken into custody for their alleged connection in a conspiracy to steal from a Barclays bank branch – which was hit by hackers this spring – and potentially defraud other U.K. banks, a release from MPS said.

Police told BBC News on Friday that the arrests were being linked to a separate incident: where hackers attempted to steal money from Santander bank, resulting in a police raid last week.

In both instances, crooks plotted to fit bank computers with a keyboard video mouse (KVM) device in order to give themselves remote access to customer accounts. While police stopped the attack on the London Santander branch from being carried out, arresting 12 men and charging four of them with conspiracy to steal, £1.3 million was siphoned from the Barclays location in North London.

Barclays reported the loss, equivalent to around $2 million, back on April 5, though police apprehended the suspects this week.

At both banks, staff allowed a man, posing as an IT engineer, access to bank computers. Instead of working on the machines, the individual allegedly connected a KVM device to computers. At Barclays, criminals were able to carry through with their plans and remotely transfer money to accounts they'd designated ahead of time, police said.

Once installed, a KVM device can give saboteurs access to multiple computers in the organization's network – in this case, to monitor accounts, move money or do any manner of malicious activities.

Doug Johnson, vice president and senior adviser of risk management policy at the American Bankers Association, told SCMagazine.com on Friday that owing to the level of access it required the heist was a “very, very difficult thing to do within a financial institution.”

These types of hardware exploits typically happen in the retail environment, Johnson said, later adding that, in those cases, it's easier to tamper with equipment to compromise organizations.

“It's just easier to get to, and [there's] not a dedicated PC behind levels of security,” Johnson said of hardware in retail establishments as opposed to that in banks.

According to a Friday release from MPS, the eight men arrested for their alleged connection with the Barclays heist are still in custody of London police.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.