Cyber crooks try to take over a bank
It’s hard to not have seen the coverage about the attempts of a 11-strong gang to remotely take over a branch of the Santander bank by hijacking its computers. It was such an audacious and unusual plot that the media swooped on the story en masse.
Hijacking a bank through a KVM device
The would-be robbers apparently planted a KVM device in the bank. KVM stands for keyboard video mouse, a tool that IT teams in business environments use to remotely take over a user’s computer to fix problems.
It’s a standard tool and comes in different forms. For example, it can be embedded in hardware or operate as a standalone switch device that can be attached to a computer. Some even have their own IP address so they can be located on a network.
It seems that in this case the KVM was a switch device (a little box) because apparently a bogus maintenance engineer entered the branch and hooked the device up to a computer. Picture a row of desks in an office, each with a monitor, and beneath the desk the actual computers. Streams of cables snake beneath the desks and it would be quite easy disguise a KVM switch amid the cables.
Just after the arrest, the police made it known that the plotters had set up an office in Hounslow, a fairly anonymous part of West London close to Heathrow airport, from which they planned to carry out and manage their scam.
The KVM switch would have allowed them to see what was happening on the computers it was attached to. You can imagine the information they would have access to; bank account numbers, balances, names and addresses, transaction records and so on.
Some KVM devices permit users to remotely power up and power down a computer, so theoretically they could have switched the computer on when the bank was closed.
Why do you need credit card protection ?
The plot reveals how mainstream crime and cyber crime are fusing. We can only speculate how the gang would have siphoned off money. Clearly an attempt to empty huge amounts of money in a single overnight swoop would set all sorts of alarm bells ringing.
More likely the gang would withdraw money in small amounts so as to not attract attention and alsoperpetrate all sorts of identity theft from taking out loans and credit cards in customers’ names to making huge purchases using customer details.
In fact, the potential for major fraud is staggering and would only be limited by the crook’s imagination. Santander has 25 million customers in the UK so the scope would be enormous.
However, even possessing bank account information such as names, numbers and addresses is valuable. These details are worth hard currency on the black market.
While it’s difficult to predict exactly where the next cyber threats will come from you can take steps to protect yourself.
BullGuard Identity Protection secures your personal financial information by searching the Internet for your personal information. If, for example, your data is being misused to carry out credit card or loan scams, or is being offered for sale, BullGuard Identity Protection will detect it and immediately notify you.
In a world where cyber crime is becoming as commonplace as ubiquitous internet access its good common sense to safeguard yourself with identity theft protection.
Posted by Steve Bell