Bank robbers pose as IT guys, rig device to slurp £1.3m from Barclays

[Lee J <lee () riskbasedsecurity com>]

http://nakedsecurity.sophos.com/2013/09/21/bank-robbers-pose-as-it-guys-rig-device-to-slurp-1-3m-from-barclays/

London's Metropolitan Police have arrested eight men in connection with a
£1.3 million ($2.08 million) bank heist carried out with a remote-control
device they had the brass to plug into a Barclays branch computer.

The hardware included a KVM (keyboard, video monitor and mouse) switch and
a 3G dongle that enabled the crooks to slurp money from accounts, according
to Met 
Police.<http://content.met.police.uk/News/Eight-men-have-been-arrested-in-connection-with-a-13-million-theft-from-Barclays-bank/1400019997308/1257246745756>

These are legitimate hardware setups: As the police explained, a KVM switch
is used in business to enable remote work on computers.

Walking into a bank and pretending to be an IT guy to install such a device
is, needless to say, a less legitimate prospect.


[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.