Four men charged over audacious Santander bank hacking plot

Four men have been charged and appeared in court following an attempt to hack the computer systems at a Santander bank branch and steal millions of pounds.

It is alleged that one of the group posed as an IT engineer in order to fit a computer with a keyboard video mouse (KVM) at the Surrey Quays shopping centre branch in south east London.

If successful, it is believed the KVM would have allowed the gang to access all the computers at the branch.

A total of twelve people were arrested on Friday by the Met Police e-Crime Unit after the plot was foiled. The remaining eight have been bailed pending further enquiries.

Explaining how a KVM works, David Emm, senior security researcher at security firm Kaspersky Lab, told ITProPortal that the technology can allow the operation of multiple devices through one keyboard or mouse.

"The successful fitting of such a device, combined with specific software would give the hackers remote access to that particular computer and any network or information it had access to," he said.

In statement Santander said "no money was ever at risk" and that no employee was involved.

The four men were charged with conspiracy to steal and stand accused of a "very significant and audacious cyber-enabled offence".

"Attempts to hack large, financial organisations are certainly nothing new, but the recent 'cyberplot' against the bank shows different characteristics to that of a large heist," added Emm.

"Hacking attempts to large organisations usually focus mainly on using software e.g. installing Trojans to infiltrate a vulnerable employee's computer within the organisation, thus giving the cybercriminal remote access to the company's infrastructure.

"With the use of a physical device being planted within the branch, it is clear that organisations need to keep an eye out for physical breaches, as well as software infiltrations."

Image credit: Flickr (Howard Lake)