Crooks 'likely posed as IT workers'

Police said the KVM device above is similar to that used in the Santander. Photo: Metropolitan Police

The plotters behind the attempted Santander bank theft are likely to have strolled into the branch posing as IT workers, experts said.

They would have then tried to manipulate a computer to access the machine from another location.

Had they succeeded, the crooks could have stolen reams of customer data and potentially committed a multimillion-pound heist.

But security experts said their technique was relatively simple.

It involved the use of a keyboard video mouse (KVM) - a feature commonly used by a company's IT team to administer servers and computers remotely.

Gavin Millard, of internet security firm Tripwire, said those behind the "incredibly simple" scam were likely to have disguised at least one member as an engineer before attempting to manipulate technology built into the computer.

"It looks like they pretended to be maintenance workers and used people's inherent trust to gain access to these devices and reconfigure them," he said.

"They would then have been able to access the system remotely so they could see what was happening within the bank itself.

"The way that they most probably did this was by taking advantage of very standard tools that are in modern desktops."

David Emm, a senior researcher at internet security firm Kaspersky Lab, said it was unclear whether those behind the attempt were part of a sophisticated cyber gang or simple opportunists.

He suggested they would have planned to install hardware on the Santander computer to gain access to the company's corporate network.

He said their "game plan" may have been to get information from that bank's system, adding: "What this does flag up is that security needs to be looked at in a holistic way."

This would mean further scrutiny of those passing through the bank on a daily basis, as well as close attention to digital goings-on.

Amar Singh, chairman of the London Security Advisory Group at the Information Security organisation ISACA, said a staff member may have left a computer terminal unmanned at the branch, creating an opportunity for the gang.

"Another scenario could include social engineering - the perpetrators may have managed to talk their way in," he added.

He said banks now need to examine their risk assessments and ensure staff are aware of threats of this kind.

"Systems handling banking transactions should be tamper proof," he said. "It should not be possible to replace any hardware component or connect anything to a sensitive system."