X
Business
Home Business Tech & Work

So potent, even 007 could use one

The security incident involving Sumitomo Mitsui bank in London reinforces the need for both physical and technical security, and reminds us that people with nefarious intent have a variety of tools at their disposal.
Written by Fran Foo, Contributor
commentary Two months ago, authorities foiled a clandestine operation to steal a total of £220 million (US$411 million) from the Sumitomo Mitsui bank in London.

The UK National Hi-Tech Crime Unit began investigating the affair in October 2004 and discovered that the bank's computers contained keylogging software which provided unauthorised access to confidential data including account information and passwords.

The crime lab soon joined hands with its counterpart in Israel to nab its first suspect, 32-year-old Yeron Bolondi.

Bolondi was arrested in Israel for allegedly attempting to transfer £13.9 million (US$26 million) into the country from a Sumitomo account.

There are numerous unconfirmed reports on how the bank's computer systems were compromised. One publication cited the possibility of intruders -- posing as cleaners -- who illegally installed keyboard-logging devices to capture keystrokes.

Such products are a common find. One provider is KeyGhost -- simply plug its keylogger into a keyboard cable and connect it to the keyboard port.

Once installed, it discreetly captures and records all keystrokes typed, including chat conversations, e-mail, word processor, or even activity within an accounting or specialist system, the company says on its Web site. The thumb-sized device has a two million keystroke capacity.

The Sumitomo incident reinforces the need for both physical and technical security, and serves as a stark reminder that people with nefarious intent have a variety of tools at their disposal.

For Internet users, the proliferation of spyware has led to heightened security alert. These malicious files or programs -- which are installed on users' PCs without their consent -- continue to infect machines despite growing awareness amongst consumers and businesses, security software maker Webroot believes.

The combination of methods used to trap surfers has also become increasingly creative. Mistyping "Google.com", unbeknownst to users, would trigger the download of destructive software on their computers.

Such veiled attacks are expected to continue unabated so companies have no choice but increase IT security budgets. Today, the standard configuration in an IT department should include antivirus, anti-spam, anti-spyware and firewall products. It's best to err on the side of caution ... technology is, after all, a double-edged sword.

Fran Foo is ZDNet Australia managing editor.

Editorial standards
Show Comments

Related

The AGM Pad P2 tablet.

I did not expect this $170 Android tablet to be as impressive as it is

Makita Impact XPS Mag Boost and a set of Wera Screw Grippers

My 2 must-have tools to make DIY projects a lot less frustrating (and they're cheap)

Best Buy Essentials TV antenna review | Best TV antenna

The best indoor TV antenna you can buy: Expert tested