The police confirmed arresting 12 men between the ages of 23 and 50 in a public statement on Saturday. Four of them appeared in court on Saturday and eight others are on bail pending further enquiries.
The men are believed to have conspired to hack the Surrey Quays Santander branch by attaching a keyboard video mouse (KVM) switch to a terminal. The tactic would let the criminals take control of the terminal from a remote location at a later date.
A Santander spokesperson confirmed that the bank is aware of the attack and arrests in a statement to V3, warning that IT breaches are a problem facing all high-street banks and that no information was compromised.
"Like all high-street banks, Santander works very closely with the police and other authorities to help prevent fraud. Through this co-operation, Santander was aware of the possibility of the attack connected to today's arrests. The attempt to fit the device to the computer in the Surrey Quays Branch was undertaken by a bogus maintenance engineer pretending to be from a third party," read the statement.
Santander's director of communications Jennifer Scardino added that by co-operating with the police the bank was able to thwart the criminals before they had the chance to steal any customer information.
"Santander alerted the Metropolitan Police about the threat posed by those arrested yesterday, and has worked closely with the police to help them gather the evidence required for the arrests. There was never any risk of access to our systems, customer data or funds," she said.
The attack is atypical as it required a member of the criminal gang to physically compromise the bank's security before hacking its network. Senior security researcher at Kaspersky Lab, David Emm, listed the attack as proof that banks and companies handling sensitive data must take physical security just as seriously as cyber security.
"The method used by the group was sophisticated, using both ‘low-tech' and ‘high-tech' methods, through the use of hardware and software. Hacking attempts to large organisations usually focus mainly on software, for example installing Trojans to infiltrate a vulnerable employee's computer within the organisation, thus giving the cyber criminal remote access to the company's infrastructure," he said.
"This attempt should remind organisations that a holistic approach needs to be taken toward security. It's not just the IT security methods that need to be scrutinised, but the people within the organisation as well. With a physical device being planted within the branch, it is clear that organisations need to keep an eye out for physical breaches, as well as software infiltrations."
Helping educate companies and financial institutions about cyber threats has been a key goal for the UK government and its ongoing Cyber Strategy. The GCHQ launched a new Cyber Incident Response initiative designed to offer companies and public-sector organisations assistance in the aftermath of cyber security attacks.
No comments:
Post a Comment