Police believe they have caught the 'Mr Big' of UK cyber crime after a gang stole £1.3 million from a Barclays Bank branch in London using a simple KVM (keyboard video mouse) device.
Police arrested eight men last Thursday and Friday in connection with the theft, which took place in April at the Barclays branch in Swiss Cottage, north London. On Saturday, four of the men, aged 26-47, were charged at Westminster Magistrates' Court with conspiracy to steal or conspiracy to commit fraud by false representation. The other four were released on bail.
"All criminal networks have a head and we very much believe we have now apprehended our 'Mr Big' as part of this operation," Detective Superintendent Terry Wilson told the BBC. “It's really the top tier of this criminal network that have been arrested. This was a highly organised criminal network with each individual filling a specific role.”
The indictment of the Barclays four came hot on the heels of the arrest of 12 men earlier this month following a failed attempt to steal from the Surry Quays, the southeast London branch of another bank, Santander. It, too, was fronted by a man posing as an IT engineer using a KVM device.
This resulted in four men being charged with conspiracy to steal. Police raided sites across London and Berkshire in which they seized computer equipment, cash, jewellery, drugs and credit cards. The other eight men were released on bail.
The police are linking the two cyber raids, but say those arrested in connection with the Barclays robbery “are a different [higher] level”.
As reported by scmagazine.com, at both banks, staff allowed a man masquerading as a maintenance engineer to access the branch computers. He then allegedly connected a KVM switch to gain remote access to multiple computers and to customer accounts.
At Barclays, the criminals were able to transfer £1.3 million (around $2 million) to accounts they had designated ahead of time, police said.
The raids have prompted calls from cyber crime experts that enterprises across all sectors should ensure they put in place ‘low-tech' physical access controls to their computers, as well as sophisticated IT technical controls.
A Barclays spokesman said the bank has been able to recover a “significant amount” of the money stolen and that no customers had suffered financial loss as a result of the theft.