RBS customers at risk using official cyber-protection software

Directions to use computer security protection by Royal Bank of Scotland (RBS) may have left the bank’s customers exposed to hackers, after glitches were found in the software.

Thor Foresight – a new service open to business banking customers at RBS has been available since the start of 2019. Dubbed a “next generation” level of protection against cyber-attacks, the software’s developer Heimdal Security, has now fixed the flaw which may have left around 50,000 individuals exposed.

While not yet available to RBS and Ulster bank customers, RBS says that the freely accessible software only hit its NatWest account holders. However, no further details have been given by RBS regarding how many customers could be at risk.

Speaking to the BBC news website, security researcher, Ken Munro said:

“We were able to gain access to a victim’s computer very easily. Attackers could have had complete control of that person’s emails, internet history and bank details.

“To do this we had to intercept the user’s internet traffic but that is quite simple to do when you consider the unsecured public Wi-Fi out there, and it’s often all too easy to compromise home Wi-Fi set ups.

“Heimdal Thor is security software that runs at a high level of privilege on a user’s machine. It’s essential that it is held to the highest possible standards. We feel they have fallen far short.”

The programming works by sifting out and identifying common hacking campaigns that are used to intercept sensitive data, or tie information into ransomware.

The issue affecting Heimdal Thor’s software was discovered and reported promptly. The problem has now been rectified, with the IT firm expressing its gratitude to security workers for their swift action in dealing with the bug.

In an official release, Heimdal’s CEO, Morten Kjaersgaard, said:

“We naturally treat information like this very seriously. We issued a fix and automatically updated 97% of all affected endpoints within four days of being informed, and the rest shortly after.”

The firm described the weakness as being “in the wild” for around three weeks, and that around 50,000 computers were affected as a result. The number represents about 8% of devices operating on Heimdal Thor’s programming.

RBS said:

“We were made aware of a potential software issue that could apply to a small number of our early-adopting customers.”

The bank thanked Heimdal’s speed and approach with regard to fixing the problem, before stating that no customers had been hit by adverse consequences.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/