Met Police cybercrime unit arrests 12 over alleged Santander bank theft plot
Updated: Twelve men arrested over alleged plot to steal money from London bank branch.
Twelve men have been arrested following the discovery of a plot to steal millions of pounds by gaining remote access to the computers at a London bank branch of Santander.
The men are alleged to have tried to install a “keyboard video mouse” that would allow them to gain remote access to all of the computers at the branch in Surrey Quays shopping centre, south east London.
A spokesperson for the Metropolitan Police explained: “The offence involved deploying a KVM (keyboard video mouse) device, fitted to a computer within the bank branch, allowing the transmission of the complete desktop contents of the bank computer over the network.
“In effect, this allowed the suspects to take control of the bank computers remotely,” the spokesperson added.
The gang were arrested following a “long-term, intelligence-led, proactive operation,” by the Metropolitan Police’s Central e-Crime Unit, which is responsible for responding to instances of cyber crime.
Eleven of the suspects were arrested yesterday in Hounslow, west London, while another was arrested in Victoria.
Searches were also carried out at addresses in Westminster, Hillingdon, Brent, Richmond and Slough.
A Santander spokesperson, quoted on ITV news, said no members of staff were involved with the foiled plot.
"The attempt to fit the device to the computer in the Surrey Quays branch was undertaken by a bogus maintenance engineer pretending to be from a third party," the spokesperson said.
"It failed and no money was ever at risk. No member of Santander staff was involved in this attempted fraud."
Meanwhile, Chris McIntosh, CEO of network security vendor ViaSat UK, said bespoke attacks on financial firms is a trend that looks set to continue.
"High-profile targets such as Santander will continue to come under attack , as the potential rewards are simply too great to ignore," he said.
"As we have seen, such attacks will become increasingly targeted, [featuring] bespoke strategies designed to identify and exploit the weakest link in a particular target’s security – whether that is its employees, its laptops or the fact that there is no need to breach a firewall if you can instead physically infiltrate a less-protected area of the business."
*Story updated to include comment from Santander spokesperson.*