To claim that there was sense of disarray, verging on panic, among parts of the banking community in various places around the world, would be putting it mildly. It wasn’t simply that the banks concerned were facing unexplained transactions within their supposedly secure systems, it was also because the individuals and organisations that were the victims of those transactions were, as they say, ‘making a fuss’: in some cases, a lot of fuss. And that was because they not only appeared to have lost a lot of their wealth, but because they were, or had been, seriously wealthy, and therefore also important. Many of them indeed were very important, and in one particular case, no less a person than the President of an African nation.
All in all, it was not a happy scene, and there were many unhappy people both inside the banking industry and among its clients. The odd thing about it all, however, was that each bank and individual customer had no idea that there were others in the same boat. The two Swiss banks that Robin had been dealing with, for instance, did not know that they were each having the same problems with one of their new accounts, while the Interbank (Nederlandsche) Group, at its London headquarters, had no idea that there were two banks having similar problems to its own in Switzerland. Or that there was also one in the Cayman Islands, one in Singapore, one in Bermuda, and two (so far) in the United States, and so on. Naturally, the banks concerned were not about to broadcast the fact that they appeared to be having severe problems with their security systems, and that very large sums of money were appearing and disappearing as if by magic. And their customers were so far being equally coy, publicly, about their difficulties, probably because in some, if not all cases, the cash they were now short of was ill gotten in the first place.
So each bank was going through the same agonising process, trying to discover how and where its infallible security system was failing, or whether it might possibly be an insider, a member of the staff somewhere. Anyone with knowledge of the hierarchical access controls, like log-ins and passwords, and the ability to subvert the network’s security mechanisms, could quite easily be quietly lining their own pockets. The computer experts and security staff all had very little to go on, since every transaction appeared to be perfectly legal, originating or terminating within the banks’ clearing system via the internet, but then coming to a dead-end.
It was the sudden removal of the remaining million pounds from Ms. Gladys Hood’s account that finally spurred Jan Bergen into action. He rang Denis Hood to arrange a meeting.
The two banks in Switzerland had also noticed that half a million pounds had been withdrawn from their respective accounts, but since Mr. Robin Hood had been good enough to advise them to expect this transaction, they thought no more of it - except that, once again, there was no evidence of where the money had gone.
Robin had been expecting the call when his father rang.
“I know what you’re going to tell me,” said Robin. “The bank has been on to say they’ve lost another million of Aunt Gladys’s money!”
“That’s exactly what has happened,” agreed Denis Hood, “except that this time it was their Head of Security who was on, and he has asked for a meeting. I’m going to London in a couple of days, as it happens, so I’ve agreed to drop in to his office then for a quick chat.”
“Was he in a panic?” asked Robin.
“Not really,” replied his father. “He said it was obvious that something was going on that they couldn’t explain, but said he wanted to go through Glad’s account with me to see if we could find any clues between us.”
“Which of course, you won’t,” said Robin.
“Quite,” agreed his father. “I think in the end I shall agree, or even suggest, that unless the money was deposited by a secret well-wisher, who then had a change of mind and withdrew it all again, then Gladys really has no claim to it.”
“I’m sure that’s the right thing to do, Dad,” said Robin. “But remind them that it doesn’t hide that fact that there is something wrong with their security system.”
“I shall rub their noses in it, don’t you worry,” laughed Denis Hood. “I suspect that part of the reason for wanting to meet me is to be sure that it’s not me playing tricks on them, since I have power of attorney.”
“As if you would!” said Robin. “Make sure you twist their tail, though, and insist on keeping the interest that will have accrued while the money was on deposit.”
“Good idea,” agreed his father, “especially as the poor dear’s expenses have gone up now she’s in the hospice.”
“How is Gladys, by the way?” enquired Robin.
“Not too good, I’m afraid,” replied Denis. “I paid her a visit yesterday, and she hardly knew me. She seems to be going downhill fast.”
“Shame,” said Robin. “But do let me know how you get on at your meeting. It will be interesting to know if they’ve got any ideas."
Denis Hood finished his meeting with colleagues at his company’s London Headquarters in Jermyn Street, and caught the tube to the City for his appointment with Jan Bergen. Pierre van Hague was also there when he arrived, and they had already pulled up Gladys’s account details on the computer when Denis was shown into the office.
“It’s so good of you to come up to see us,” greeted Bergen, “but I just hoped that if we put our heads together we might come up with a solution to this rather odd set of circumstances.”
“As you can see,” said van Hague, indicating the computer screen, “we have your Aunt’s account details on the screen here, and we have again been through every detail to try to explain the mysterious appearance and then disappearance of the large sum of money we have been talking about.”
“Any clues?” asked Denis Hood.
“Absolutely none,” admitted the Head of Security. “I’ve been through this account a dozen times with Mr. van Hague here, and with various account managers, and we can find no logical reason to explain the initial deposit of £2m.”
“We have carefully traced all Ms. Hood’s investments over the many years she has held accounts with us, and there seems to be nothing which would pay such a large sum at this time,” said van Hague
“Or ever,” added Bergen.
“So although we are obviously reluctant to admit defeat over this affair,” confessed van Hague, “we did rather hope that if we went through Ms. Hood’s affairs with you, we might by chance stumble across an explanation.”
“Well, I’m not sure I’m going to be much help,” confessed Denis Hood. “You will know that I have only recently taken enduring power of attorney over Gladys Hood’s affairs, but I have been through all the papers I can find to see if an explanation suggests itself. So far, none has, I’m sorry to say.”
“I feared as much,” sighed the Customer Affairs Manager.
“What really puzzles me, if I’m honest,” said Denis Hood “is how such a large sum - or any sum, come to that - can suddenly appear in an account without you being able to trace its source.”
“That is also one of our dilemmas, as I’m sure you can appreciate,” admitted Bergen. “The money came to us through BACS - that is the Bank Automated Clearing Systems, as I’m sure you know. So, as far as it goes, therefore, we do know where it came from. But we do not know, and neither have we been able to find out, how or from where it got into the system in the first place. That’s been the problem.”
“And having studied Ms. Hood’s account going back over many years, we can’t even begin to guess its source, either,” said van Hague.
“It always seemed to us,” said Bergen, “to be too neat a sum for a maturing investment. No odd shillings and pence, if you see what I mean. Which is why we wondered if it might have been a gift or a legacy or something.”
“I’m not aware of anything like that,” said Denis Hood. “And I also quite fail to understand,” he added, warming to his subject, “how such sums can ever be taken from an account without your knowledge, or even without proper authorisation.”
“Quite so,” said Bergen, fidgeting.
“No money of whatever sum should be moved from Ms. Hood’s account without my authority, since I have power of attorney,” added Denis Hood.
“Quite so.”
“And yet no such authority was sought, or given,” protested Denis.
“Agreed.”
“So how did a bank of your size and reputation come to allow such a transaction to take place?” demanded Robin’s father, rather enjoying himself.
“The fact is, Mr. Hood,” explained Bergen, “that we did not allow the transaction to take place. We simply had no way of stopping it, and didn’t know about it until after it had taken place.”
“So what sort of security system do you call that?” Denis Hood jabbed his finger towards Bergen.
“That is my gravest worry, as you rightly assume,” said Bergen. “Cash appearing in an account from no immediately apparent source is one thing, but cash being taken out of an account without our knowledge or proper authority is quite another, and a matter of great concern to all of us. It will not surprise you to know, Mr. Hood,” continued Bergen, “that our Chairman is taking the closest possible personal interest in this case, and I am reporting directly to him about every development.”
“Good,” said Denis. “But at the risk of repeating myself, what sort of security system could ever allow this to happen?”
“We have what we have always believed to be one of the best and safest security systems ever devised,” explained Bergen. “It is only a few years old, and is widely used by most of the major banks in the world. Indeed, the core system is, I understand, also used by the military, so you are probably familiar with it. It has a unique reputation for infallibility and reliability, and uses the most modern and robust encryption systems. It is generally reckoned to be impregnable, although I have to say that frequent attempts are made to compromise it.”
“By hackers, you mean?” asked Denis.
“Exactly,” agreed Bergen.
“So perhaps this was a hacker at work,” suggested Hood.
“I would say that is highly unlikely, if not impossible.”
“How can you be so sure?” asked Denis Hood.
“Well, let’s assume for a moment that a hacker was able to penetrate our security system, and compromised all the log-ins and passwords which protect individual deposits to gain access to Ms. Hood’s account. Why would he then deposit two million pounds into the account of a perfect stranger, only to take it out again a short time later?” queried Bergen.
“Perhaps because he realised he’d made a mistake, and had put it into the wrong account - somebody else’s rather than his own, for instance,” suggested Denis.
“If that was the case,” responded Bergen, “he would have taken it all back at the same time, not in two separate transactions. What happened just doesn’t make sense.”
“Certainly not rational behaviour,” agreed Denis. “You really do need to know where the money came from, don’t you, to even begin to understand what’s going on and who might be behind it.”
“And that’s if you assume that the person responsible for depositing the cash was also responsible for withdrawing it,” suggested van Hague.
“Has to be, doesn’t it?” asked Denis Hood. “It would be too much of a coincidence for two people to be able to access the account, surely?”
“Unless they were working together,” replied Bergen. “But the question remains ‘why’?”
“So you’ve finally drawn a blank, have you?” asked Denis.
“Not quite finally,” said Bergen. “It is remotely possible that it could just be an inside job. A member of staff somewhere who has access to codes and so on, could have been playing around. That’s our present line of enquiry, but frankly I can’t imagine it will get us anywhere, not least because nothing quite explains the deposit followed by a withdrawal. Anyone intent on nicking two million quid would almost certainly put it in to their own account or a phantom account specially opened for the purpose, and not use someone else’s.”
“So how can you check that?” asked Denis.
“We have identified a few individuals who could have access to all the information necessary to work through the security systems, and we have applied to magistrates for authority to view their accounts. So we shall see. One of the individuals is the Chairman, as a matter of interest!”
“Does he know?” asked Denis.
“He does now,” replied Bergen. “In the end, I thought it best to tell him! But I am also going to mention the whole affair informally to my opposite number at the Bank of England. Eventually, I shall have to submit a formal report about the affair, but I wanted to talk things through with you first of all.”
“Kind of you,” replied Denis. “Remind me who your opposite number is these days.”
“It’s a chap called Alistair Vaughan, a retired Head of the Serious Fraud Squad at the Yard,” replied Bergen. “I’m meeting him for lunch later. Don’t tell me you know him?”
“Oddly enough, I know his predecessor quite well - a retired Air Commodore Paul Bridges, who was once RAF Provost Marshal, and who now works in the Cabinet Office. As it happens, I’m seeing him for lunch today, too.”
“Well I’m damned!” exclaimed Bergen. “Small world, isn’t it?”
“We must swap notes later,” said Denis, “and I especially need to know what, if anything you discover. My Aunt is not at all well at present, and I may soon be called upon to administer her estate, so it would be helpful to have all this sorted out before then. Between us, we shall need to agree how to handle the mysterious two million pounds.”
“Yes, of course, we shall meet again to agree that,” said Bergen. “As I indicated, I am not at all hopeful that we shall ever trace the origin or destination of the money, but I will let you know. In the meantime, I can tell you that the Chairman has agreed that Ms. Hood will continue to receive interest on the full amount deposited until we agree to close the case, since legally it was our responsibility to keep the deposit secure.”
“That seems entirely satisfactory to me,” replied Denis, “at least until we can be quite sure that the deposit was not specifically intended to be for my Aunt’s benefit. Although, we shall never really be sure of that unless you can trace its source.”
***
Lunch at the RAF Club in Piccadilly, where Denis Hood met Paul Bridges, was a far more relaxed affair than lunch at Simpson’s in the Strand, where Jan Bergen met Alistair Vaughan from the Bank of England.
For one thing, Denis and Paul were old friends and colleagues, whereas Bergen and Vaughan had only met a couple of times before, and then only over official business. This was business, too, in a way, although both men knew that it was to be an informal, almost ‘off the record’ meeting. Bergen’s Dutch bank was obviously not one of the UK’s ‘big five’ banks, but since it was trading in the UK it had to abide by the same rules and regulations, laid down by the Bank of England and other City financial regulatory bodies, that applied to any other bank. Bergen and his London office Chairman knew they had to toe the fiscal line, and that eventually they would have to file an official report to the Bank of England about the mysterious episode of Ms. Hood’s account, but they had accepted that it would be sensible to raise it informally first. Although the Head of Computer Services had offered to meet his opposite number in Threadneedle Street to discuss it, they had eventually agreed that the security aspects of the case would probably be a better starting point.
So Jan Bergen had been put in to open the batting, so to speak, and hoped that his limited acquaintance with Vaughan would be enough to get a feel for how the issue should be taken forward formally at a later date.
Certainly, Vaughan had greeted him warmly enough, and they soon relaxed into conversation on all sorts of subjects, both personal and professional. Eventually, Alistair Vaughan raised the object of their meeting.
“I gather you wanted to discuss a security issue that’s bothering you,” he said.
“Well yes I did, if you don’t mind,” replied Bergen. “An altogether extraordinary thing has happen to one of our accounts, and I would welcome your view, informally of course. I believe we shall eventually be required to report it to you formally, but I wanted to take your mind on it first in case you had any idea what else we might do to try to solve the mystery before we tell you about it officially.”
Bergen succinctly outlined the events surrounding the account held by Ms. Gladys Hood, of whom nobody had heard until she suddenly inherited two million pounds, only to lose it again just as suddenly.
“All we know about the transactions,” admitted Bergen, “is that they both took place through the clearing system via the Internet, but we have absolutely no idea where the money came from to get into the BACS, or where it went to afterwards.”
Vaughan frowned. “I find that difficult to believe.”
“So do we,” agreed Bergen. “But it’s happened, and it happened to us. We use the same basic computer security and cryptography system that all the major banks use, by the way.”
“Tell me about the checks you’ve carried out,” demanded Vaughan.
Jan Bergen did so. “Apart from all the technical and security checks we could possibly think of, I have also interviewed Ms. Hood’s nephew, earlier today as a matter of fact, who happens to have power of attorney over her affairs. He has been through all the paperwork about her estate, and between us we went through her account again. He seems as bemused by the whole affair as we are. We are also checking key staff who just could have been responsible, although so far we have drawn a blank there, too. I can tell you that the Chairman wasn’t best amused when we told him that he had been included in that little exercise, but he eventually agreed that it was the best thing to do. You know, there are two particularly odd things about all this,” he added.
“Only two?” queried Vaughan.
“I agree that the whole thing is bizarre,” said Bergen, “but the fact is that any motive totally escapes me. Someone has put money into the account of a complete stranger, we assume, rather than his or her own account, only to remove it again days later. You would know better than I, with your background, but that doesn’t seem rational or sensible or the work of a felon, if you ask me.”
“I tend to agree,” said the ex-Fraud Squad chief. “What’s the second thing?”
“The money involved,” stated Bergen. “A nice round figure, with no odd shillings and pence attached, so it obviously isn’t a dividend of any sort. But why two million, rather than two thousand or some other figure? And why deposit it in one dollop and remove it in two? It beats me, the whole thing.”
“Very odd,” agreed Vaughan, still frowning. He sipped his claret, thoughtfully.
“Tell me,” he asked Bergen. “Why do you assume this to be the work of a complete stranger? Why can’t it be a friend or relation of Ms. Hood?”
“For one thing, Denis Hood, her nephew, is the only immediate relative she has, and I’m sure it’s not him playing around, even though he does have power of attorney. If he were going to put two million quid into her account by some means so as to enhance his legacy, he’d have left it there. And according to him, she has no real friends, either. She’s been in a nursing home for some time, and is now in a hospice.”
“What’s Denis Hood’s background?” asked Vaughan.
“Retired RAF Group Captain, now working in the aviation industry,” replied Bergen. “Seems beyond reproach, to me. As a matter of interest, he’s even now lunching with your predecessor at the RAF Club - knows him well, apparently.”
“Small world,” said Vaughan. “Perhaps I’ll give Paul Bridges a ring later, to see if this particular subject came up.”
“Any idea what else we might do, before we submit a formal report?” asked Bergen. “I suppose we shall have to, having ‘lost’ two million pounds.”
“Yes, I’m afraid you will eventually,” replied Vaughan, “but not yet if you don’t mind. I’d like to do a bit more digging myself first.”
“My Chairman, for understandable reasons, is keen to draw a line under this case as soon as possible,” said Bergen. “Not least because he has agreed to pay the Hoods interest on the deposit until we do so.”
“I’ll let you know as soon as possible, then,” replied Vaughan. He paused for a moment.
“I suppose by any chance you don’t happen to have the dates with you when these transactions took place?” he asked.
“I’m afraid not,” replied Jan Bergen, mystified, “but I can soon get them for you if you want them. Are they important?”
“Probably not,” replied Alistair Vaughan. “But I had a call the other day from a contact at Global Crossroads - you know, the people who run the secure Internet switching service - and they have apparently had more than a few blips on the system recently. The sort they get from their intrusion detection system when hackers are trying to get in to it,” he explained.
“And you think there could be a connection?” queried Bergen.
“It might just be worth checking out,” replied Vaughan. “The system automatically switches between servers when there is a threat of some interruption, and then reverts to the normal links when the threat has passed. They can quite often find out who is responsible, or where they are operating from, but in some recent cases, there seems to have been no clue at all.”
He paused briefly, and looked at Bergen as if judging whether or not he could trust the man.
“No clue at all,” he added eventually, “except, that is, that in each case the transactions were made over the Internet, and appeared to be coming through the clearing system, although it was plainly outside interference of some sort.”
“How very odd,” agreed Bergen.
“Exactly,” said Vaughan. “I’d just like to check your dates against theirs, that’s all. Just in case. It would just be too much of a coincidence if they matched.”
“It probably wouldn’t get us any closer to tracing the source of the two million quid though, would it?”
“Probably not,” said Vaughan again. “To be honest, it isn’t the sums of money that interest me so much as the fact that they appear to be unauthorised transactions. So I’d still like to have the dates, if I may.”
“I’ll phone them through to you later today,” promised Bergen.
He did, and some of them matched exactly.
***
Bill Denning was one of the key managers within the Global Crossroads organisation. It was his job to oversee the monitoring of their whole operation, and to ensure that any interruptions to the service they provided to their customers were immediately rectified. It was a 24-hour/seven day a week responsibility.
The GXR operations room was in the bunker beneath what was once the Financial Times building at Canary Wharf in the Docklands area of East London. International businesses and organisations that needed to transmit information and data securely and reliably over the Internet depended on Global Crossroads to provide that service.
Bill knew full well that the organisation had a unique record, and it was a major part of his role to ensure that its reputation was maintained. The sheer volume of their work and the responsibilities they undertook on behalf of others was always a major concern, and often caused him sleepless nights.
For one thing, Global Crossroads had negotiated and signed a unique network security agreement with the US Government, and the UK security services had confirmed that GXR provided one of the most reliable and secure environments available for this sort of activity. For this reason, they were the leading provider in the highly security conscious government communications sector. They had designed, installed and now operated the Government Data Network, providing secure data services both nationwide and internationally, as well as a fully managed telecommunications service supporting over 90,000 end users in over 90 UK government departments and agencies. GXR also provided a secure networking service to the Royal Air Force and had a framework agreement to provide similar services to the 26 member countries of NATO. As if this wasn’t enough for him to worry about, his organisation also provided a secure communications network linking 240 British Embassies to the Foreign and Commonwealth Office.
But at the moment, it was none of this Government activity that bothered him.
Something was wrong in the banking sector of GXR’s operations.
The facilities required for the international banking community were very similar to those required by the government and the armed services. Indeed, banks used the same IBM 4758 crypto-processors that were used by the military and governments across the world to encode highly sensitive information sent over their networks. Bill’s organisation had provided them with a further vast array of secure network services, which overlaid their own systems, to meet their individual business needs. They had helped the banks with business continuity planning and disaster recovery, as well as providing back-up network design strategies and installing a leading-edge self-healing architecture to ensure the reliability of the whole operation. Like the government, and other organisations for whom Bill’s company provided facilities, the banks’ major need was for security and privacy, but given the differing global timescales in which the banking community operated, they also required total 24-hour reliability.
What Bill and his team monitored was the integrated international network system that had been established to meet this requirement. They had developed and installed a rapid reaction automated fault detection protocol that offered a unique level of monitoring and control for the banks’ worldwide operations. It wasn’t as if this managed security service, as it was known, was simply installed and left to get on with it. As its name implied, it was ‘managed’. Constantly monitored. Every aspect of it, like the Intrusion Detection system, which looked for attempts to interfere with the integrity of the system from inside as well as outside the organisation. So was the Intrusion Prevention system, and the Email Security Service, and the Firewall. Everything that went to make up the Managed Security Service as a whole was constantly monitored by GXR.
And yet, in spite of all that - together with the banks’ own sophisticated security systems, which were themselves deemed to be impregnable - in spite of all that, it appeared that someone, somewhere, had managed to gain unauthorised access.
Bill and his colleague Alan Dale, who looked after the banking section, were together in the Ops. Room, looking at the schematic world map - rather like the London Underground map - which showed all the links and connections that the banks used for their international operations. While the lines showed green, everything was working and all the connections were in place. Any fault, or break in the service showed up in a pulsating red. It updated itself every ten minutes.
Alan indicated a short section in Colombia, showing red.
“Look at that,” he exclaimed, pointing. “Some silly bugger has put his drill through the fibre optic cable again - that must be the third time. The sooner they finish that by-pass round Bogotß, the better.”
He grabbed the phone, and got through to their man on the spot, who would have to sort the problem and arrange for computers to be re-programmed. Meanwhile, traffic between the banks’ computers had automatically been rerouted. There would have been a short interruption to the service, but probably no one had noticed. Except the people GXR, whose job it was to notice, and to manage the system on behalf of their clients.
Alan finished his call.
“He wasn’t best pleased,” he said. “Columbia’s five hours behind us, and he was still in bed. But he called up the map on his laptop, and could immediately see the problem, so is getting on with it.”
“These things happen,” commented Bill. “But it’s the series of unexplained interruptions that concern me at the moment.”
“Me too,” agreed Alan. “I’ve been through the logs again, I still can’t turn up any clue as to what might have caused them. The only thing I’m sure about is that it’s not us.”
“So far as you can tell, there’s nothing wrong with the integrity of our systems?” asked Bill.
“Nothing,” Alan reassured him.
“I’ll tell you why I wanted to meet you here,” said Bill. “You remember that I told our chum Alistair Vaughan at the Bank of England about the recent unexplained blips?”
Alan nodded.
“Well, he’s been back on to me,” continued Denning, “to say that a couple of the dates matched what he called ‘incidents’ that had been reported to him by another bank.”
“What sort of ‘incident’?” asked Dale.
“He wouldn’t say, I suppose for obvious reasons. But he did ask if we could look again at those log entries specifically. He’s particularly looking for clues about where the possible intrusions took place.”
“Well, we can look again, but we won’t find anything, I’ll bet.”
“I told him that,” replied Denning, “but said we’d check for the umpteenth time. These are the ones he’s interested in.”
Alan Dale looked at the piece of paper Bill Denning handed him, and pulled up the log on the computer.
“Our big problem