Student hackers access bank computer codes

Click to follow
The Independent Online

Two Cambridge students have designed a computer programme that can hack into banks' security codes, potentially giving access to hundreds of thousands of PIN numbers.

The two PhD students showed it is theoretically possible to download confidential financial information, allowing a potential thief access to vast amounts of cash.

The students say they plan to put the details on the Internet – hoping it will ensure security is improved.

The security breach was revealed in BBC's Newsnight programme last night, showing it was possible to translate the 16-digit number for cash cards.

Michael Bond, 22, said: "Banks' approach to security is too closed, they are relying on outdated concepts such as security through obscurity." He said the breach could only be performed by bank staff with access to bank computers.

The system involved is based on IBM's 4758 computer used by banks, the military and governments to protect networks – previously thought to be impregnable.

Mr Bond and fellow student Richard Clayton used equipment costing less than £750 to download the data.

IBM said: "This academic study is based on specific laboratory conditions. In the real world, there are too many physical safeguards and authority protections for such an attack to be successful."