Cybercriminals' plot to pilfer Santander Bank thwarted by Metropolitan Police Unit
A Daring Bank Heist Foiled: Santander's Surrey Quays Branch Escapes Unscathed
In a thrilling turn of events, the Metropolitan Police e-crime unit apprehended 12 individuals suspected of a cunning "cyber heist" at Santander's Surrey Quays branch.
The masterminds behind this plot attempted to install a hardware device, known as a KVM device, onto a PC at the branch. This device, if successful, would have given them control over the bank's computers remotely, as claimed by the Metropolitan Police.
- *Read More: How to Pull Off a (Hypothetical) Bank Heist*
As stated by Santander, this attempted infiltration was carried out under the guise of a bogus maintenance engineer. The attempt failed, and no money was ever at risk. No Santander employee was involved in this attempted fraud.
"This was a highly sophisticated scheme that could have resulted in the loss of a vast sum from the bank, making it the most significant case of its kind we've encountered," said detective inspector Mark Raymond of the Met's Central e-Crime Unit.
Santander had been anticipated potential attacks of this nature, establishing a close-knit partnership with the Police and other authorities to deter fraud.
The arrests, according to the Metropolitan Police, were the results of a prolonged, intelligence-driven proactive operation by the Police Central e-Crime Unit (PCeU).
Some security experts have hinted that these arrests may have been part of a controlled operation or a trap, but a Met Police spokesperson dismissed these assumptions, stating, "We acted based on the intelligence we had."
Hardware-based keyloggers have a history of being used in bank heists. In 2005, the UK's now-defunct National Hi-Tech Crime Unit thwarted a plot to pilfer £220 million from the London offices of Japan's Sumitomo Mitsui bank, using a software-based key logger.
- *More: Vodafone Suspects IT Contract of Stealing 2 Million Customer Records*
Graham Cluley, an independent security expert, believes the device used in the Santander heist might have been a KVM logger, which grants the operator control over the affected machine. This would have enabled the hackers to execute transactions using the compromised PC.
Cluley emphasized the importance of vigilance and caution when allowing unknown individuals into the workplace to prevent such attacks. He also recommended implementing two-factor authentication to complicate attacks of this nature.
Hardware-based keyloggers like the one suspected in this case are designed to capture keystrokes from a computer unnoticed. Unlike software-based keyloggers, they are harder to detect because there's no software running on the computer.
A KVM device, on the other hand, is primarily used to control multiple computers using a single keyboard, video monitor, and mouse. While they can be exploited if vulnerable or hacked, they are not usually utilized for keylogging in bank heists.
In light of the failed cyber heist at Santander's Surrey Quays branch, it's crucial for companies to enhance their cybersecurity, particularly against hardware devices like KVM loggers, which, if misused, can control computers remotely.
The use of hardware-based keyloggers, such as the one suspected in the Santander incident, in crime-and-justice agendas underscores the need for general-news outlets to cover cybersecurity issues more extensively, helping the public stay informed and take necessary precautions.
