09-01-2008, 07:52 PM
Hackers resort to 'sick' kidnap spam
Hackers are claiming they have kidnapped children in a bid to infect PCs with a Trojan Horse virus, says Sophos.
The security firm is warning users that e-mails entitled "We have hijacked your baby" are being sent to Web users around the globe. As well as asking for a $50,000 ransom for the "release" of the child, the messages also contain an attachment supposed to be a photograph of the child. Instead the file actually contains a Trojan horse that will steal personal information.
"Receiving or reading these widespread emails themselves does not mean you are infected, but if users open the attachment they will be infecting their Windows computer, they will give hackers an open door to take control and steal information," said Graham Cluley, senior technology consultant for Sophos.
"There's no other way of putting it -- this attack is sick. Hackers have no qualms about exploiting a family's natural instinct to defend its most vulnerable members," added Cluley.
Revealed: The Internet's Biggest Security Hole
Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.
The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet's core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy. The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail."
The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper's network.
Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can't always vacuum in traffic within a network -- say, from one AT&T customer to another.
The method conceivably could be used for corporate espionage, nation-state spying or even by intelligence agencies looking to mine internet data without needing the cooperation of ISPs.
BGP eavesdropping has long been a theoretical weakness, but no one is known to have publicly demonstrated it until Anton "Tony" Kapela, data center and network director at 5Nines Data, and Alex Pilosov, CEO of Pilosoft, showed their technique at the recent DefCon hacker conference. The pair successfully intercepted traffic bound for the conference network and redirected it to a system they controlled in New York before routing it back to DefCon in Las Vegas.
The technique, devised by Pilosov, doesn't exploit a bug or flaw in BGP. It simply exploits the natural way BGP works.
"We're not doing anything out of the ordinary," Kapela told Wired.com. "There's no vulnerabilities, no protocol errors, there are no software problems. The problem arises (from) the level of interconnectivity that's needed to maintain this mess, to keep it all working."
The issue exists because BGP's architecture is based on trust. To make it easy, say, for e-mail from Sprint customers in California to reach Telefonica customers in Spain, networks for these companies and others communicate through BGP routers to indicate when they're the quickest, most efficient route for the data to reach its destination. But BGP assumes that when a router says it's the best path, it's telling the truth. That gullibility makes it easy for eavesdroppers to fool routers into sending them traffic.
Here's how it works. When a user types a website name into his browser or clicks "send" to launch an e-mail, a Domain Name System server produces an IP address for the destination. A router belonging to the user's ISP then consults a BGP table for the best route. That table is built from announcements, or "advertisements," issued by ISPs and other networks -- also known as Autonomous Systems, or ASes -- declaring the range of IP addresses, or IP prefixes, to which they'll deliver traffic.
The routing table searches for the destination IP address among those prefixes. If two ASes deliver to the address, the one with the more specific prefix "wins" the traffic. For example, one AS may advertise that it delivers to a group of 90,000 IP addresses, while another delivers to a subset of 24,000 of those addresses. If the destination IP address falls within both announcements, BGP will send data to the narrower, more specific one.
To intercept data, an eavesdropper would advertise a range of IP addresses he wished to target that was narrower than the chunk advertised by other networks. The advertisement would take just minutes to propagate worldwide, before data headed to those addresses would begin arriving to his network.
The attack is called an IP hijack and, on its face, isn't new.
But in the past, known IP hijacks have created outages, which, because they were so obvious, were quickly noticed and fixed. That's what occurred earlier this year when Pakistan Telecom inadvertently hijacked YouTube traffic from around the world. The traffic hit a dead-end in Pakistan, so it was apparent to everyone trying to visit YouTube that something was amiss.
Pilosov's innovation is to forward the intercepted data silently to the actual destination, so that no outage occurs.
Ordinarily, this shouldn't work -- the data would boomerang back to the eavesdropper. But Pilosov and Kapela use a method called AS path prepending that causes a select number of BGP routers to reject their deceptive advertisement. They then use these ASes to forward the stolen data to its rightful recipients.
"Everyone ... has assumed until now that you have to break something for a hijack to be useful," Kapela said. "But what we showed here is that you don't have to break anything. And if nothing breaks, who notices?"
Stephen Kent, chief scientist for information security at BBN Technologies, who has been working on solutions to fix the issue, said he demonstrated a similar BGP interception privately for the Departments of Defense and Homeland Security a few years ago.
Kapela said network engineers might notice an interception if they knew how to read BGP routing tables, but it would take expertise to interpret the data.
A handful of academic groups collect BGP routing information from cooperating ASes to monitor BGP updates that change traffic's path. But without context, it can be difficult to distinguish a legitimate change from a malicious hijacking. There are reasons traffic that ordinarily travels one path could suddenly switch to another -- say, if companies with separate ASes merged, or if a natural disaster put one network out of commission and another AS adopted its traffic. On good days, routing paths can remain fairly static. But "when the internet has a bad hair day," Kent said, "the rate of (BGP path) updates goes up by a factor of 200 to 400."
Kapela said eavesdropping could be thwarted if ISPs aggressively filtered to allow only authorized peers to draw traffic from their routers, and only for specific IP prefixes. But filtering is labor intensive, and if just one ISP declines to participate, it "breaks it for the rest of us," he said.
"Providers can prevent our attack absolutely 100 percent," Kapela said. "They simply don't because it takes work, and to do sufficient filtering to prevent these kinds of attacks on a global scale is cost prohibitive."
Filtering also requires ISPs to disclose the address space for all their customers, which is not information they want to hand competitors.
Filtering isn't the only solution, though. Kent and others are devising processes to authenticate ownership of IP blocks, and validate the advertisements that ASes send to routers so they don't just send traffic to whoever requests it.
Under the scheme, the five regional internet address registries would issue signed certificates to ISPs attesting to their address space and AS numbers. The ASes would then sign an authorization to initiate routes for their address space, which would be stored with the certificates in a repository accessible to all ISPs. If an AS advertised a new route for an IP prefix, it would be easy to verify if it had the right to do so.
The solution would authenticate only the first hop in a route to prevent unintentional hijacks, like Pakistan Telecom's, but wouldn't stop an eavesdropper from hijacking the second or third hop.
For this, Kent and BBN colleagues developed Secure BGP (SBGP), which would require BGP routers to digitally sign with a private key any prefix advertisement they propagated. An ISP would give peer routers certificates authorizing them to route its traffic; each peer on a route would sign a route advertisement and forward it to the next authorized hop.
"That means that nobody could put themselves into the chain, into the path, unless they had been authorized to do so by the preceding AS router in the path," Kent said.
The drawback to this solution is that current routers lack the memory and processing power to generate and validate signatures. And router vendors have resisted upgrading them because their clients, ISPs, haven't demanded it, due to the cost and man hours involved in swapping out routers.
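The longest-prefix rule and the registry-backed origin authorizations described above can be checked mechanically. The following Python is an added example, not code from the article or from BBN: it selects the winning route for a destination, then classifies each announcement's origin against the authorizations on file. The `Authorization` and `Announcement` types and the `max_length` field are assumptions, and all prefixes and AS numbers are constructed from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Authorization:
    """Registry-backed statement that origin_as may originate prefix."""
    prefix: ipaddress.IPv4Network
    max_length: int   # assumption: longest more-specific the holder permits
    origin_as: int


@dataclass(frozen=True)
class Announcement:
    prefix: ipaddress.IPv4Network
    as_path: tuple    # nearest AS first, originating AS last

    @property
    def origin_as(self):
        return self.as_path[-1]


def best_route(table, destination):
    """Longest-prefix match: the most specific covering prefix wins."""
    addr = ipaddress.ip_address(destination)
    covering = [a for a in table if addr in a.prefix]
    return max(covering, key=lambda a: a.prefix.prefixlen, default=None)


def validate_origin(announcement, authorizations):
    """Classify the announced origin as 'valid', 'invalid' or 'not-found'."""
    covering = [z for z in authorizations
                if announcement.prefix.subnet_of(z.prefix)]
    if not covering:
        return "not-found"            # nobody has registered this space
    for z in covering:
        if (z.origin_as == announcement.origin_as
                and announcement.prefix.prefixlen <= z.max_length):
            return "valid"
    return "invalid"                  # covered, but not by this origin/length


def filter_table(table, authorizations):
    """Drop announcements whose origin contradicts an authorization."""
    return [a for a in table
            if validate_origin(a, authorizations) != "invalid"]


def net(cidr):
    return ipaddress.ip_network(cidr)


# Constructed sample data (documentation prefixes and AS numbers).
AUTHS = [Authorization(net("198.51.100.0/24"), 24, 64500)]
TABLE = [
    Announcement(net("198.51.100.0/24"), (64501, 64500)),  # authorized origin
    Announcement(net("198.51.100.0/25"), (64502, 64511)),  # narrower, other origin
    Announcement(net("203.0.113.0/24"), (64501, 64505)),   # no authorization filed
]

if __name__ == "__main__":
    dest = "198.51.100.10"
    for label, table in (("unfiltered", TABLE),
                         ("filtered", filter_table(TABLE, AUTHS))):
        route = best_route(table, dest)
        print(label, route.prefix, "origin AS", route.origin_as,
              validate_origin(route, AUTHS))
```

As the article notes for this scheme, the check covers only the originating AS; it says nothing about the other ASes in `as_path`.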
Douglas Maughan, cybersecurity research program manager for the DHS's Science and Technology Directorate, has helped fund research at BBN and elsewhere to resolve the BGP issue. But he's had little luck convincing ISPs and router vendors to take steps to secure BGP.
"We haven't seen the attacks, and so a lot of times people don't start working on things and trying to fix them until they get attacked," Maughan said. "(But) the YouTube (case) is the perfect example of an attack where somebody could have done much worse than what they did."
ISPs, he said, have been holding their breath, "hoping that people don’t discover (this) and exploit it."
"The only thing that can force them (to fix BGP) is if their customers ... start to demand security solutions," Maughan said.
Network notary system thwarts man-in-the-middle attacks
A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system, which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained.
The growing presence of public wireless access points puts more users at risk of falling prey to man-in-the-middle attacks. The researchers believe that the Perspectives system can resolve this problem and offer reasonably strong security guarantees for users who visit web sites that have self-signed certificates instead of certificates that are independently validated by certificate authorities.
The client-side component of Perspectives is implemented as a Firefox browser extension that communicates with notary servers. When the user visits a page with a self-signed certificate, the Perspectives add-on requests validation from the notary servers, which then send back the public key of the target destination. The key retrieved from the notaries can then be compared with the key obtained by the user's browser in order to determine if a MitM attack is being perpetrated.
Retrieving keys from multiple notaries will help protect the user by ensuring that public key authenticity is verified accurately even in the event that an individual notary server is compromised. Users can specify the level of redundancy that they require for a key to be considered valid. For additional protection, the notary servers also cache keys and recheck them periodically so that they can detect when keys change over time and factor that into assessments of key validity.
Typical MitM attacks will not be able to inject false responses into traffic to or from notaries because each is secured by a key signature. An attack that merely blocks access to notaries will fail as well, because the browser extension will only verify the authenticity of a public key if it can obtain comparison keys from the notary servers.
"To enhance security without requiring a PKI, we designed Perspectives to supplement [Trust-on-first-use] applications with spatial and temporal redundancy," the researchers wrote in a paper. "Our implementation demonstrates that the notary concept is practical, and after using our Perspectives clients for nearly a year, we have found them invaluable at several occasions: when logging in to a new server while connecting through a public wireless network, or when connecting to a known server after a server key change."
The current notary servers are all operated by CMU, but the researchers hope that other institutions will voluntarily run additional servers to expand the network. There are obvious privacy implications associated with using the service, but the researchers claim that the notary servers do not log IP addresses and that all other notary servers will be required to commit to the same privacy standards. The server software is written in C and uses the Berkeley DB for storing data. Benchmarking tests demonstrate that, on relatively modest hardware, notary servers could answer more than 20,000 queries per second.
I downloaded the Firefox extension and tested it with Firefox 3.0.1 on Ubuntu Linux. The software performed as expected during my tests. It is implemented with a combination of C++ and JavaScript and didn't appear to have a noticeable impact on Firefox performance or reliability. In addition to developing a Firefox plug-in, the researchers also experimentally modified OpenSSH to give it notary validation capabilities.
Although the Perspectives software can't universally mitigate MitM attacks, it provides strong protection and demonstrable efficacy in thwarting many common MitM attacks.
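The client-side decision described above (compare the offered key with what several notaries report, weigh how long they have seen it, and refuse to vouch when too few notaries answer) can be written as one function. This Python is an added example, not the Perspectives extension's code: the `Observation` layout, the verdict names and the `quorum` and `min_stable` parameters are assumptions, and the fingerprints and timestamps are constructed. Notary replies are assumed to have had their signatures verified already.

```python
from dataclasses import dataclass

DAY = 86400


@dataclass(frozen=True)
class Observation:
    """One key a notary has recorded for a host, with its observed lifetime."""
    fingerprint: str
    first_seen: int   # Unix seconds
    last_seen: int


def assess_key(offered, replies, quorum, min_stable):
    """Judge the key the browser was offered against notary histories.

    replies maps notary name -> list of Observation, or None when the
    notary could not be reached. Returns one of:
      'unverified' - fewer than `quorum` notaries answered (fail closed)
      'mismatch'   - fewer than `quorum` notaries currently see this key
      'too-new'    - enough notaries see it, but not for `min_stable` seconds
      'trusted'    - at least `quorum` notaries have seen it for long enough
    """
    reachable = [obs for obs in replies.values() if obs is not None]
    if len(reachable) < quorum:
        return "unverified"

    agree = stable = 0
    for history in reachable:
        if not history:
            continue                  # notary answered but has no record
        current = max(history, key=lambda o: o.last_seen)
        if current.fingerprint != offered:
            continue
        agree += 1
        if current.last_seen - current.first_seen >= min_stable:
            stable += 1

    if stable >= quorum:
        return "trusted"
    if agree >= quorum:
        return "too-new"
    return "mismatch"


# Constructed sample data.
NOW = 1_220_000_000
GOOD = Observation("aa:11", NOW - 30 * DAY, NOW - 600)
OLD = Observation("aa:11", NOW - 30 * DAY, NOW - 2 * DAY)
ROTATED = Observation("bb:22", NOW - DAY, NOW - 600)
FORGED = Observation("ee:99", NOW - 30 * DAY, NOW - 600)

ALL_AGREE = {"n1": [GOOD], "n2": [GOOD], "n3": [GOOD]}
BLOCKED = {"n1": None, "n2": None, "n3": [GOOD]}
AFTER_ROTATION = {"n1": [OLD, ROTATED], "n2": [OLD, ROTATED], "n3": [OLD]}
ONE_BAD_NOTARY = {"n1": [FORGED], "n2": [GOOD], "n3": [GOOD]}

if __name__ == "__main__":
    cases = [
        ("aa:11", ALL_AGREE),       # key matches long-lived notary view
        ("ee:99", ALL_AGREE),       # local key differs from every notary
        ("aa:11", BLOCKED),         # notaries unreachable: no verdict given
        ("bb:22", AFTER_ROTATION),  # legitimate but very recent key change
        ("ee:99", ONE_BAD_NOTARY),  # a single notary cannot carry the vote
    ]
    for offered, replies in cases:
        print(offered, assess_key(offered, replies, quorum=2,
                                  min_stable=7 * DAY))
```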
Laptop Sold on eBay Exposes 1M Royal Bank of Scotland (RBS), American Express and NatWest Customers
Personal details of more than 1 million customers of Royal Bank of Scotland, American Express and NatWest are found on a computer sold on auction site eBay. RBS said the information included historical data related to credit card applications and data from other banks, but would not disclose further details. The information was being held by archiving firm Graphic Data, which copies paperwork from some of Britain's biggest financial organisations and stores it digitally.
LONDON (Reuters) - Account holders' personal details have been found on a computer sold on eBay, banks said on Tuesday, adding to fears over data security.
Media reports said details of more than a million customers of Royal Bank of Scotland, American Express and NatWest were found on the computer sold for 35 pounds on the auction and shopping website.
RBS said the information included historical data related to credit card applications and data from other banks, but would not disclose further details.
The Daily Mail said names, addresses, mobile phone numbers, bank account numbers, sort codes, credit card numbers, mothers' maiden names and even signatures had been left on the hard drive.
The information was being held by archiving firm Graphic Data, which copies paperwork from some of Britain's biggest financial organisations and stores it digitally.
A former employee sold the computer earlier this month without removing the information, media reports added.
The personal information was discovered when the buyer, an IT manager, looked at the hard drive.
"Graphic Data has confirmed to us that one of their machines appears to have been inappropriately sold on via a third party," RBS said in a statement.
"As a result, historical data relating to credit card applications from some of our customers and data from other banks were not removed."
Graphic Data said in a statement: "The IT equipment that appeared on eBay was neither planned nor instructed by the company to be disposed.
"Investigations are ongoing to find out how this equipment was removed from a secure location."
RBS said it was working to resolve "this regrettable loss with Graphic Data as a matter of urgency".
In April, HSBC said a computer disc containing details of nearly 400,000 customers went missing after being sent via Royal Mail courier, while last December Norwich Union Life, one of the UK's largest life insurers, was fined 1.26 million pounds by the regulator for exposing its customers to the risk of fraud.
Last week, the personal details of every prisoner in England and Wales were lost by a government contractor.
That followed earlier breaches including the loss of secret intelligence files, information about millions of child benefit claimants and details about learner drivers going missing.
Liberal Democrat MP Tom Brake said there needed to be a "cultural change" among banks and in government when dealing with sensitive information to prevent the current "slapdash" approach. He called for more stringent penalties when security is breached.
"They have to value the information as if it got into the wrong hands, then they would put the appropriate measures in place," he said.
Lasers Could Send World's Most Secure Messages Through Space
Finding a way to keep snoops from tapping into other people's information is a challenge that has gone to the subatomic level. First proposed in 1984, quantum cryptography (QC) promises to send coded messages that are, according to the laws of quantum mechanics, impossible to crack. The technique relies on a principle of modern physics called Heisenberg's uncertainty principle, which states that it's impossible to measure something at the subatomic level without altering it.
QC systems send information in the form of a specially prepared stream of photons representing 0s and 1s. If anyone tries to eavesdrop, he unintentionally alters the photons being transmitted, and the rightful recipient is able to detect the tampering. As a final layer of security, the beam of photons doesn't encode the actual secret message; it just contains an encryption key. So if part of the key is intercepted, the sender and recipient detect the altered photons and discard that part of the key. Once they've transmitted enough photons, the shared key is used to encrypt the message, which can be sent over public communication lines. But the photon key has to arrive reliably at its destination.
Quantum key encryption is one promising method of securing communication, especially if it can be transmitted by satellites. Scientists at an Italian observatory this year succeeded in firing lasers at the mirror-covered Ajisai Japanese satellite, proving that a sequence of photons can travel great distances through space. The laser pulsed photons at the satellite at 17,000 times per second; a fraction bounced back to a telescope at the observatory. On Earth, the longest successful quantum encryption link has been just under 100 miles because the photons scatter as they travel through the air. To reach the satellite, the photons only had to travel through 5 miles of atmosphere during their 1000-mile journey, allowing the sequence to arrive in order.
There have been several recent breakthroughs in quantum cryptography. In August, a team of researchers from the National Institute of Standards and Technology (NIST) took the stage at Caesar's Palace in Las Vegas for a demonstration of its quantum cryptography system at the notorious Black Hat information security conference. Using a laser to send the encryption key across the room, they streamed perfectly secure live video at 300,000 bits per second—as good as YouTube. "That's about two orders of magnitude faster than any other system for quantum key distribution," says NIST engineer Alan Mink.
At the same conference, researchers from the University of Singapore demonstrated a system using pairs of "entangled" photons. Entanglement is a mind-bending feature of quantum mechanics that can allow the physical properties of two particles to be intimately linked even if they're separated by a great distance. This provides an ideal way for a third party—a satellite, for instance—to distribute a perfectly secure key to two parties who wish to exchange a message, no matter where they're located.
Last fall, a secure QC line built by Geneva-based Id Quantique was used to transmit voting data in the Swiss national elections. And New York–based MagiQ Technologies has sold "a moderate number" of systems to clients in military and intelligence agencies, financial institutions and telecom companies, says company spokesman Andrew Hammond. No clients are willing to be named publicly, he says, but the systems sell for between $125,000 and $175,000.
In keeping with the 100-mile practical limit for terrestrial QC, Hammond says MagiQ's systems are best suited for metro-area networks. The company is also in discussions about a possible Washington-to–New York link, in which the signal would be amplified at a network node partway along the route. For international distances, space may be the solution. "We're not capitalized to send up our own satellite," Hammond says, "but from an architecture standpoint, we think it makes a great deal of sense." Mink agrees: though the transmission speed via satellite would initially be very slow, the technology is evolving rapidly. "It can be done," he says. "Definitely."
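The eavesdropping check the article describes, as an added example that is not part of the article or the original post. It assumes the 1984 proposal the article mentions is BB84 (Bennett and Brassard); the noiseless channel, the intercept-resend eavesdropper, the 25% public sample and the 11% error threshold are assumptions of this example.

```python
import random

def bb84_exchange(n_photons, eavesdrop, seed):
    """Idealised BB84 run over a noiseless channel (constructed model).
    Returns Alice's and Bob's sifted keys as lists of bits."""
    rng = random.Random(seed)
    alice_key, bob_key = [], []
    for _ in range(n_photons):
        bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        wire_bit, wire_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend: Eve measures in a random basis. A wrong basis
            # yields a random bit, and the photon she resends carries her
            # basis, not Alice's.
            e_basis = rng.getrandbits(1)
            if e_basis != wire_basis:
                wire_bit = rng.getrandbits(1)
            wire_basis = e_basis
        b_basis = rng.getrandbits(1)
        b_bit = wire_bit if b_basis == wire_basis else rng.getrandbits(1)
        # Sifting: bases are compared publicly; mismatched positions are dropped.
        if b_basis == a_basis:
            alice_key.append(bit)
            bob_key.append(b_bit)
    return alice_key, bob_key

def estimate_and_distill(alice_key, bob_key, sample_fraction=0.25,
                         max_qber=0.11, seed=0):
    """Publicly compare a random sample of the sifted key.
    Returns (qber, key); key is None when the error rate signals tampering."""
    if not alice_key:
        raise ValueError("no sifted bits to check")
    rng = random.Random(seed)
    k = max(1, int(len(alice_key) * sample_fraction))
    revealed = set(rng.sample(range(len(alice_key)), k))
    errors = sum(alice_key[i] != bob_key[i] for i in revealed)
    qber = errors / k
    if qber > max_qber:
        return qber, None            # discard: photons were disturbed
    # Revealed bits are no longer secret, so they are removed from the key.
    key = [b for i, b in enumerate(alice_key) if i not in revealed]
    return qber, key

if __name__ == "__main__":
    for eve in (False, True):
        a, b = bb84_exchange(4000, eavesdrop=eve, seed=1)
        qber, key = estimate_and_distill(a, b)
        print(f"eavesdropper={eve} sifted={len(a)} qber={qber:.3f} "
              f"key={'discarded' if key is None else len(key)}")
```

An intercept-resend eavesdropper guesses the wrong basis half the time, and each wrong guess corrupts Bob's bit with probability one half, so the sampled error rate sits near 25% and the key is rejected.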
and hope to go there in a few years, it's like right next to me, so even better lol