Another British Bank Hit By KVM Crooks

judgecorp writes "Another British bank — Barclays — has been hit by a fraud attempt using a stealthily-planted KVM (keyboard, video, mouse) device. Unlike the previous attempt on Santander, the crooks got away with £1.3 million, but were subsequently apprehended by the Metropolitan Police's Central e-Crimes Unit."

Re:Never problem for banks.

They will just ask Central Bank to print some extra money. Problem solved. For the rest of you, go to work to earn some pennies.

I'm assuming you are from the US, because that is were this "printing money is bad" meme seems to have been resurrected lately. Central banks are managing the money supply to balance and the economy, and in most modern western economies this is working as intended - keeping a stable currency value, steady low inflation and fueling economic growth or counteracting recession. Outside that the slogan "printing money" sounds like something bad is going on, I don't really understand what it is about the real world effect of this that you are dissatisfied with.

If there was no "printing money" you would get deflation, which would be really bad for any modern economy. For one it increases the real value of debt, curbing investments, contributing to or amplifying recession and can lead to a deflationary spiral. (on a personal scale, imagine your house mortgage just growing and growing in real value you owe, the actual house value would not necessarily follow)

Re:Hmm.

[raburton]

Also known as some people with a bit of technical knowledge and a grasp of basic social engineering. Gotta love it when they make something sound like rocket science so folks won't realize what little is really involved.

The access might have been fairly straight forward, but we don't know what they did with it. What do you do once you are in? Just because you're on the banks network doesn't mean it's easy to steal money. I'm thinking back to the last time I was in a machine room on my own at a bank and wondering what I could have done if I'd wanted to, not really sure. Maybe you can find a convenient gui with buttons like "add money to an account (untraceable)" but failing that you're going to need a reasonable amount of IT/banking knowledge. If you're wanting to mod a CICS transaction written in COBOL to siphon off money without leaving any trace then you'll need more skills than the average crook. On the other hand they got caught, so maybe it was all over their heads...

Re:Weird KVM.

[cbiltcliffe]

You can't sniff for a valid MAC until you've already got your illicit one in the network. By then, you've already triggered the IDS.
Any bank with IT worth keeping has MAC filtering on their switches. That alone will prevent your "access point/switch in the network line from a workstation" from working. At best, the legit device will stop working, resulting in a call to IT. At worst, the IDS will be triggered immediately, Either way, IT will investigate, find your additions to the network, probably call the police, get your AP fingerprinted, etc.etc.

A network device WILL be detected on anything but the simplest "plug it in and it works as recommended by Best Buy" kind of network. I've got two older Cisco Catalyst switches on my home/home business network; a 2950 and a 2960. Even these support locking a specific MAC to a port, so an unauthorized device won't work if plugged in. I`m going to set the 2960 this way soon, but haven`t yet as it`s a new addition to the network, as an emergency replacement for a different switch that died. The 2950, though, is on my workbench, which has customer machines connected and disconnected on a regular basis, so this kind of setting would be counterproductive.

So when I get the setup finalized, your "AP in a network cable" wouldn't even work on the trusted subnet of my home network, forget about a bank. My workbench subnet has no access to anything important, so unless you're wanting to hack a customer machine that's already infected with a dozen viruses, you're not going to get anywhere.