TechnologyAccounting SoftwareBank attack used key-loggers costing just £20

Bank attack used key-loggers costing just £20

Bank hackers used battery-sized bugging devices costing just £20

The hacker attack on Sumitomo Mitsui bank last month involved the use of keyboard logging devices costing as little as £20 each, according to sources.

Link: International hackers attempt massive heist

Accountancy Age sister publication Computing has learned that the attempt to steal an estimated £220m from the London office of the Japanese bank relied on battery-sized hardware bugging devices plugged into PCs’ USB ports.

Users’ keyboards were connected to these key-loggers, which recorded details of everything typed into the system.

Sources claim that cleaning staff – or people posing as cleaners – were able to attach the devices to machines. When the plot was uncovered, bank investigators found some of the devices still attached to the back of PCs.

The bugging kits, known as hardware key-loggers, can be bought from spy shops for about £20.

They are difficult to detect unless someone physically examines the back of the machine.

The devices can then download passwords and other data used to gain access to the computer system.

‘It is known that people have been using devices such as these because you can buy them from shops. It is highly likely that they have been used in other scenarios,’ said Paul Docherty, technical director of consultancy Portcullis Computer Security.

Many banks are now believed to be permanently connecting keyboards and other devices into their computers to prevent similar attacks. Sources say some banks have also banned wireless keyboards in offices.

‘This type of scam has been going on for a while,’ said a source. ‘This is an old, old issue, and people have been talking about it being a weakness for at least two years now.’

Sumitomo is now believed to have deployed sophisticated software that monitors the electrical current in computer systems and can tell if they are being tampered with. A spokesman for the bank declined to comment on the investigation.

Related Articles

Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

2w Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

5m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

5m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

7m Alia Shoaib, Reporter
The rise of the progressive accountant

Accounting Software The rise of the progressive accountant

7m Emma Smith, Managing Editor
Making Tax Digital: Revolution or revolt?

Accounting Software Making Tax Digital: Revolution or revolt?

8m Emma Smith, Managing Editor
Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

Accounting Software Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

8m Emma Smith, Managing Editor
Four reasons why SME owners should switch to cloud accounting

Accounting Software Four reasons why SME owners should switch to cloud accounting

9m Emma Smith, Managing Editor