'Acid House King' jailed for £1.25m cyber theft

Security experts are warning of an influx of professional and imaginative cyber criminals after Tony Colston-Hayter, known as the 'Acid House King', was jailed for masterminding bank robberies which netted over £1.25 million using KVM technology.

'Acid House King' jailed for £1.25m cyber theft
'Acid House King' jailed for £1.25m cyber theft

Colston-Hayter was sentenced at Southwark Crown Court to five-and-a-half years in prison for leading a gang which used a keyboard, video, mouse (KVM) device to hack into computers at branches of Barclays and Santander banks.

The gang also stole credit and bank card details from about one million intercepted letters to buy Rolex watches, designer jewellery and other high-value items worth over £1 million.

Colston-Hayter and eight other gang members were sentenced for their parts in the scams.

Colston-Hayter became known as the ‘Acid House King' after he organised ‘Sunrise' raves during the 1980s which were later banned by then Home Secretary Douglas Hurd. He also appeared on television with Jonathan Ross.

But the court heard that, from being a successful businessman, his life went go wrong after he began abusing class A drugs, and he organised the KVM robberies to fund his addiction.

His gang gained notoriety last year when they launched three cyber attacks on Barclays and Santander, using a KVM switch device to try to access bank accounts remotely.

The first attack was in April when Darius Boldor, 34, walked into Barclays Bank's Swiss Cottage branch, and used the KVM switch to make 128 transfers worth about £1.25 million. Barclays recovered just £543,000.

Three months later, Dean Outram, 32, went into Barclays' Lewisham branch and illicitly gained access to its computers, stealing £90,000.

Two months after that, Outram managed to access Santander's IT system by fitting a KVM switch at one of its branches in Surrey Quays, south-east London. The court heard that Lanre Mullins-Abudu, 25, and another man tried to hack into Santander to steal what police warned would have been "substantial funds" - but the gang were caught in the act.

In the wake of their convictions, cyber crime experts are warning UK businesses to beware of growing numbers of equally sophisticated gangs using new technology - as well as old fashioned subterfuge.

Charlie McMurdie, former head of the Met Police Central e-Crime Unit (PCeU) and now senior crime adviser at PricewaterhouseCoopers (PwC), told SCMagazineUK.com: “These are new-age bank robbers, a really significant team with all their role and remits in place, well-structured, well-organised, and using all the various techniques they exploited the banking system.

“We're seeing more and more of these old-fashioned mainstream criminals using and exploiting technology, and really being quite professionalised about how they're going about it.

“That's the learning to impart back to industry, around the need to join up all these different aspects that are now being used by mainstream criminals – social engineering, the technical exploits, the physical exploits.”

Mark Stollery, an information security expert with PA Consulting, also highlighted the sophistication of Colston-Hayter's gang and the need for UK organisations to try to keep pace with the criminals' innovative use of technology.

He told SCMgazineUK.com: “They came up with a smart idea which worked because it was imaginative and had not been seen before - and a couple of the banks didn't see it coming.

“It is unlikely to work again because banks are aware of it, but the villains always have the advantage – they can always come up with a new idea, and until you spot that new idea you can't put defences in place against it. You're always behind the curve.

“The bad guys will always be trying to come up with something new. Defenders, institutions, need to always be thinking imaginatively. You need to get some imaginative, competent people on your side and think right, how would we attack this knowing what we know – measures which may not occur if you are taking a good linear, logical, structured approach to security.”

Security expert Adrian Culley, a former Met Police Computer Crime Unit detective, agreed about the influx of cyber criminals. “It is sadly clear that organised crime is increasingly moving into this area, and the problem may only get worse,” he told SCMagazineUK.com via email.

But Culley also congratulated law enforcement on capturing this gang: “The sentences issued here represent both the seriousness of the offences committed by these criminals, and the increasing ability of law enforcement in cyber crime. The case shows that those who choose to commit such offences will be caught, prosecuted and face substantial custodial sentences.”