Met Police cybercrime unit arrests 12 over alleged Santander bank theft plot

Police lamp

Twelve men have been arrested following the discovery of a plot to steal millions of pounds by gaining remote access to the computers at a London bank branch of Santander.

The men are alleged to have tried to install a "keyboard video mouse" that would allow them to gain remote access to all of the computers at the branch in Surrey Quays shopping centre, south east London.

A spokesperson for the Metropolitan Police explained: "The offence involved deploying a KVM (keyboard video mouse) device, fitted to a computer within the bank branch, allowing the transmission of the complete desktop contents of the bank computer over the network.

"In effect, this allowed the suspects to take control of the bank computers remotely," the spokesperson added.

The gang were arrested following a "long-term, intelligence-led, proactive operation," by the Metropolitan Police's Central e-Crime Unit, which is responsible for responding to instances of cyber crime.

Eleven of the suspects were arrested yesterday in Hounslow, west London, while another was arrested in Victoria.

Searches were also carried out at addresses in Westminster, Hillingdon, Brent, Richmond and Slough.

A Santander spokesperson, quoted on ITV news, said no members of staff were involved with the foiled plot.

"The attempt to fit the device to the computer in the Surrey Quays branch was undertaken by a bogus maintenance engineer pretending to be from a third party," the spokesperson said.

"It failed and no money was ever at risk. No member of Santander staff was involved in this attempted fraud."

Meanwhile, Chris McIntosh, CEO of network security vendor ViaSat UK, said bespoke attacks on financial firms is a trend that looks set to continue.

"High-profile targets such as Santander will continue to come under attack , as the potential rewards are simply too great to ignore," he said.

"As we have seen, such attacks will become increasingly targeted, [featuring] bespoke strategies designed to identify and exploit the weakest link in a particular target's security whether that is its employees, its laptops or the fact that there is no need to breach a firewall if you can instead physically infiltrate a less-protected area of the business."

*Story updated to include comment from Santander spokesperson.*

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.