17 March 2005 An attempt by criminal hackers to steal £220 million (€316 million) from the London office of Japanese banking group Sumitomo has been foiled by UK police.
The UK’s National High Tech Crime Unit (NHTCU) said today that a man has been arrested in Israel in connection with the electronic heist. The man’s bank account was one of ten to which the stolen funds were to be redirected.
The NHTCU found the thieves to be using a “keylogging” technique, whereby keystrokes made on computer keyboards inside the bank’s offices were recorded. This technique enables hackers to steal usernames and passwords that would give them access to the bank’s systems.
It is not known whether the hackers used a remote software method of recording keystrokes or or if they installed a hardware device onsite, but Jack Clark, a consultant at security experts McAfee, suspects the latter.
“A software device would only start when Windows boots up, whereas a keylogger installed between the keyboard and the computer records any keystroke,” Clark told Infoconomy.
“These hardware devices are fairly basic pieces of kit and need to be physically retrieved before you can access the data,” said Clark. “This suggests it may have been an inside job.” The police have not yet said how they discovered the plot.
Keylogging attacks are increasingly common, added Clark. “This case shows how damaging something as simple as a keylogger can potentially be.” Clark also noted that, far from the preserve of frustrated teenagers, cyber crime is now a lucrative enterprise involving true criminals. “Most of the spyware, and malware in general, that we see these days is written with making money in mind. We need to be aware that this can happen to anyone,” he said.