Everything points that the world's largest potential bank robbery was an inside job.
On March 17, 2005, the UK's National Hi-Tech Crime Unit (NHTCU) announced that criminals had tried to steal Р€220m from the London-based office of Japanese bank Sumitomo Mitsui. They used spyware to collect access codes and passwords that allow transferring money electronically. However the NHTCU was onto the plot as early as last October after it was discovered the bank's system had been compromised. That's why the bank had not suffered any financial losses during the compromised period. One probable swindler has been arrested in Israel after trying transfer Р€13.9m of the funds.
After details about using spyware in potential bank robbery had become available, some IT security experts suggested that there possibly were past or present bank employees among criminals. Otherwise the spyware that logged access codes and passwords and sent them to the outside world couldn't find its way onto the system unaided. Furthermore key-logging software was installed on a machine on which authentication data were entered. It's unlikely that it is just fortuity. Nevertheless it will be very difficult to find the insider.
The investigation is ongoing.
“Although the bank claims to have not suffered any financial losses in consequence of incident, its reputation has got a strong blow. The client's trust is very important for financial institutes. That's why it's very difficult to state the value of such image prejudice,” – said Denis Zenkin, the Marketing Director of InfoWatch company. “Banks must keep all vital information under lock and key, so they have to use anti-leakage software that prevents data theft and uncontrolled actions by employees. Otherwise the incidents like Sumitomo one will be repeated,” – he added.
Source: Silicon.com