UK police arrest bank robbers who used KVM switch to hack accounts

£1.3m stolen after fake technician attached switch inside bank branch

20 September 2013 by Ambrose McNevin - DatacenterDynamics

Eight men have been arrested by the London Metropolitan Police's Central e-Crime Unit (PCeU) in connection with a £1.3m theft by a gang who stole the money by taking control of a Barclays Bank branch computer system.

A statement from the PCeU said: “The men, aged between 24 and 47, are currently in custody in London police stations after being arrested yesterday, Thursday 19 September and today Friday 20 September. They were arrested in connection with an allegation of conspiracy to steal from Barclays Bank, and conspiracy to defraud UK banks."

Searches are currently being carried out at addresses within Westminster, Newham, Camden, Brent and Essex, where property has been seized, including cash, jewellery, drugs, thousands of credit cards and personal data.

One central London premises has been described by detectives as the "control" centre for the fraudsters to work from.

The arrests are the result of a long term intelligence led operation by the Metropolitan Police's PeCU, in partnership with Barclays Bank, who have been investigating the theft of £1.3 million from the Swiss Cottage branch of Barclays in April 2013.

On 5 April 2013, Barclays Security reported the loss of £1.3 million from accounts to police. An investigation was launched and a search of the Swiss Cottage branch in North London was carried out during which a KVM switch attached to a 3G router was found connected to one of the branch computers.

A KVM switch (with KVM being an abbreviation for "keyboard, video and mouse") is a hardware device used legitimately in business to allow users to work remotely on their work computer systems.

It allows a user to control multiple computers from one or more keyboard, video monitor and mouse. Although multiple computers are connected to the KVM, typically a single or smaller number of computers can be controlled at any given time.

It was later established that the previous day a male purporting to be an IT engineer had gained access to the branch, falsely stating he was there to fix computers. He had then deployed the KVM device. This enabled the criminal group to remotely transfer monies to predetermined back accounts under the control of the criminal group.

Barclays were able to recover a significant amount of the monies stolen.

This new and increasing methodology being seen by UK law enforcement demonstrates the rapidly evolving nature of low risk, high financial yield cyber enabled crime.

Detective Inspector Mark Raymond of the Met's PCeU said: "These arrests were achieved working in partnership with the Virtual Task Force (VTF), an unique information sharing cyber collaboration between the PCeU and the UK Banking sector.

"Those responsible for this offence are significant players within a sophisticated and determined Organised Criminal Network, who used considerable technical abilities and traditional criminal know-how to infiltrate and exploit secure banking systems."

Barclays Bank issued the following statement: “Barclays has no higher priority than the protection and security of our customers against the actions of would-be fraudsters.

“We have been working closely with the Metropolitan Police following a security breach at our Swiss Cottage branch in April 2013. We identified the fraud and acted swiftly to recover funds on the same day.

“We can confirm that no customers suffered financial loss as a result of this action."

CONNECT WITH US

Sign in


Forgotten Password?

Create MyDCD account

Regions

region LATAM y España North America Europe Em Português Middle East Africa Asia Pacific

Whitepapers View All