Advertisement
Promo

Security threats Toolkit

Inside the biggest bank raid that never was

Dan Ilet ZDNet.co.uk

Published: 21 Mar 2005 10:25 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

As Yaron Bolondi faces charges of money laundering and fraud, police are actively hunting down other suspects in the attempted hacking-based theft of £220m from Sumitomo Mitsui Bank (SMB).

The National Hi-Tech Crime Unit and the bank itself are keeping quiet over the affair, and technical details of the hack are still sketchy, But reports suggest that the would-be thieves used keystroke loggers to snatch sensitive information from SMB's employees and were thus able to manipulate the bank's systems.

If this proves to be true, it still unclear whether the key stroke logging system used was based around a hardware device fitted to the back of certain computers, or was purely software based — potentially sent by an email virus.

"They are being very cagey about how the hack was done," said Graham Cluley, senior technology consultant for antivirus company Sophos. "I even heard that there were no keystroke loggers. In many ways, hardware keystroke loggers are harder to detect than software. They can be fitted easily. So maybe it was an inside job."

Legal experts also feel an internal employee may have facilitated the attack. "My gut feeling is that this came from the inside," said Mark Smith, a solicitor for law firm Olswang. "It shows that you can't rely on perimeter security. Intrusion detection gets a lot of bad press because people don’t know how to operate it, but that can really help."

Chief information security analyst Paul Wood of email security firm MessageLabs said it was unimportant which type of keystroke logger they used as the bank had the right auditing practices in place to catch the thieves.

"Whether it's a hardware or software keystroke logger, that's all supposition," said Wood. "But they are all a threat to business. We don’t know whether the keystroke logger was from an email-borne virus or it was a physical keylogger. There are quite a few ways of detecting [keystroke loggers]. It goes to show that if you have sufficiently strong auditing, you have at least a chance of catching it before it's too late."

Next

Previous

1 2


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
148 out of 280 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:




Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters