Guardian News and Media/London

Police have foiled a plot to steal millions of pounds after a gang took control of a bank’s computer remotely.

Scotland Yard described the cyber-attack on a Santander branch in Surrey Quays shopping centre, in south-east London, as the most sophisticated case of its kind that police had encountered.

A man posing as maintenance engineer fitted a keyboard video mouse (KVM) device to a computer within the branch, allowing the transmission of the complete desktop contents of the bank computer over the network.

Police said the men were about to be in a position to execute their operation when the plot was foiled and multimillion-pound losses were prevented.

The bank said no money was ever at risk. Twelve men were arrested on suspicion of conspiracy to steal from Santander after a long-term, intelligence-led operation by Scotland Yard’s central e-crime unit (PCeU), working in conjunction with the banking industry.

Detective inspector Mark Raymond, of PCeU, said: “This was a sophisticated plot that could have led to the loss of a very large amount of money from the bank, and is the most significant case of this kind that we have come across.”

A 34-year-old man was arrested in Vauxhall, south London, and 11 men aged 23 to 50 were arrested in Hounslow, west London.

Searches were carried out at a number of addresses in Westminster, Hounslow, Hillingdon, Brent and Richmond, and in Slough where property was seized.

A Santander spokesman said none of its staff were involved in the plot.

“Santander was aware of the possibility of the attack connected to the arrests,” he said. “The attempt to fit the device to the computer in the Surrey Quays Branch was undertaken by a bogus maintenance engineer pretending to be from a third party.

“It failed and no money was ever at risk. No member of Santander staff was involved in this attempted fraud. We are pleased that we have been able, through the robustness of our systems, to prevent the fraud and help the police gather the evidence they needed to make the arrests.”

Dr Eerke Boiten, from the University of Kent’s Interdisciplinary Centre for Cyber Security Research, said an iKVM, which would need to be fitted inside the computer, would have been able to send the information collected over the internet. “It captures all the information that goes to the screen, keyboard and mouse. If you manage to get it installed inside the computer, it gives you a way of contacting the device through a remote computer,” Boiten said.