One of the Leading UK Banks has admitted (albeit forcibly) that they have been targeted by organised crime’s new branch, the cracking branch have been busy on the banks executives. For the past year the Royal Bank of Scotland has been fighting systematic attempts to gain access to its computer network through the use of key loggers e-mailed to its senior management.

'Hackers are homing in on the trend for people to work from home. The hackers make the assumption that the computers being used outside the work environment are more vulnerable than those protected by a corporate IT department.

For companies it is a growing threat as home working increases: a recent survey from the Equal Opportunities Commission found that more than 60% of the UK''s population wants the option of flexible working.

And the hackers are employing increasingly sophisticated techniques. Each email they send is meticulously built to make it attractive to its target, who the criminals have carefully researched by trawling the internet for information. Once the email is composed, the malware is just as carefully designed: it is often modified to avoid detection by security software.

The hackers can, using the usernames and passwords stolen by the key loggers, connect to VPNs, which many companies use to create an encrypted pathway into their network; the hackers can communicate directly with computers holding account information and manipulate funds. Has this actually happened? In some cases sources claim that the login details of VPNs have been obtained and used though there has been no confirmation that any losses have occurred as a result. The attacks are not believed to have focused on RBS but to have been across the whole of the banking industry.
Royal Bank of Scotland said that the bank had suffered no losses as a result of the attacks and added: "RBS has extremely robust processes in place in order to protect our systems from fraud. Trojan email attacks are an industry-wide issue and are not isolated to a particular area or a particular bank."\r\nThe first indication that banks had become the target of such sophisticated attacks emerged two years ado when police foiled an attempt by hackers to steal $420m (i210m) from a London branch of Sumitomo, a Japanese bank. According to reports, the attack on Sumitomo involved the use Of both hardware and software keyloggers.
It is not just banks that have been targets. Last year attempts were made to steal information from the Houses of Parliament using malicious email. Messagelabs, the company responsible for monitoring much of the email traffic of the government and big business’ for suspect software, said at the beginning of the year that criminals have been evolving more sophisticated techniques to attack corporate networks According to Mark Sunnen chief technology officer of Messagelabs, the number of malicious emails targeted at individuals has been increasing. Two and half years ago they were being seen once every two months, but now they are seeing one or two a day. This has been accompanied by an increase in quality in the creation of Trojans and spyware.\r\n"The hackers are now aiming to take over computers, particularly those of home users. Some of the malicious software that we are routinely seeing for that purpose will have its own antivirus system built into it so that they can Kill off the programs of their competitors." As well as the usual tactic hijacking a PC for use as part of a spam network, hackers also mine computers for information on the individual and their contacts. This information can then be used help build a database of personal information that can be used to construct targeted criminal emails.

Social networking sites are also being mined, according to Sunner. These are not just the preserve of MySpace and Bebo-using teens; professional social networks such as Plaxo and Linkedin are also being plundered. Sunner adds: "If someone contacts you from Linkedin and you don''t know them and they ask you to join their network, you essentially tell them you are a member of either group. There are a lot of people who will answer those requests without thinking."