By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Its success, based on painstaking investigation and international police co-operation, thwarted an audacious robbery and made a welcome change from the normal diet of doom and gloom that surrounds IT security.
The Hi-Tech Crime Unit and Sumitomo's own security staff first became aware of the attempted theft last October. Since then they were able to set a trap for the criminals and warn financial institutions in the City to be on their guard.
They were also able to allow the bank to continue its day-to-day business seemingly unhindered while the honey pot was baited.
This is an important point for any organisation that finds itself the victim of cybercrime or fears it is under attack.
The police have long complained that organisations that are the victims of computer crime are reluctant to come forward for fear an investigation will cripple their business as the police seize servers and PCs as evidence.
On the other hand, businesses have repeatedly complained that the police lack the skills and resources to properly investigate cybercrime.
The operation which came to light last week shows the importance of reporting cybercrime - even if it seems insignificant compared to the size of the attempted heist at Sumitomo. It provides a model of the sort of police practice an organisation can expect if it calls in the cybercops.
It also provides an opportunity to revisit IT security policy and justify spending - whether it is the police asking for more resources for their computer crime teams, or the IT department of a medium-sized engineering factory asking for the resources to implement and manage an intrusion detection system.
IT security spending is generally driven by fear - fear of the damage hackers can do to an organisation and fear of failing to comply with the demands of regulators - but fear alone will not impress the board.
If IT departments can come up with a balanced risk analysis to present to the board, they will, in the aftermath of the police success at Sumitomo, get a more than usually sympathetic hearing.