Inside the Tory ‘hacking’ claims

Net crime fears prompted bank to postpone e-banking

Stories about the alleged “hacking” into the Conservatives bank account bring to mind images of a lone young male – probably a social misfit – sitting in his basement, huddled over his computer.

The reality is probably somewhat more anodyne.

Think instead of a disgruntled Labour- supporting bank employee with a mean eye for a story and you probably have something closer to the truth.

Hands on: Bank employees may be to blame
Ross Anderson,
professor of computing at Cambridge University, told BBC News Online: “Twenty years ago, if you wanted to find out the details of a bank account you would have to get the ledger in the bank branch – which would probably mean bribing or sleeping with the person who had the keys to the safe.

“When the banks computerised it meant that every one of its 70,000 or so tellers could see every customer’s account.

“Insecurity of data increases with the number of people who have access to it.”

Mathew Bevan, a computer security consultant and former computer hacker, backed Prof Anderson’s theory.

All banks are pretty much insecure
– Former hacker Mathew Bevan
“The information could have come from a call centre or from within the bank. All banks are pretty much insecure,” he told BBC News Online.

“It takes a lot of talent to hack into a bank’s computer and I don’t think a hacker could be bothered without any financial reward.

“And aside from the embarrassment, it’s not going to stop the Tories winning the next election.”

The Royal Bank of Scotland – where the Conservatives have their account – said it has “complete confidence” in all its security systems.

If someone has been hacked, they usually keep it secret -Dr Chris Thornton

Dr Chris Thornton, Sussex University computing science lecturer, said: “If someone has been hacked, they usually keep it secret.

“Anyone who makes it public usually has an ulterior motive.”

But the Conservatives say the information could not have come from their London headquarters.

The problems have emerged amid concern in the computer industry that the hackers may be exposing new security flaws as fast as the big software companies, such as Bill Gates’s Microsoft, can repair them.

The hackers are also switching tactics. Instead of attacking banks directly – as they did in one of the few publicised cases when $400,000 (?240,000) was stolen from Citibank in America – security experts believe they are targeting people’s home computers and their personal accounts.

By leaving viruses scattered across the internet, hackers have discovered they can seize control of home computers and steal people’s legal identities.

These can be used to attack bank accounts, lift phone records, electronic shopping accounts and private business information.