May 20, 2020

Hackers Seize $10 Million from Sovereign Wealth Fund

by: Katie Sloane

Cybercrime poses a severe threat to the integrity and preservation of established and emerging investment firms. This article sheds light on the recent phishing scam that plundered the world’s largest sovereign wealth fund, Norfund.

The Norwegian Investment Fund, currently valued at over a trillion dollars, reported that hackers circumvented the fund into diverting a $10 million loan designated for a Cambodian microfinance institution. After infiltrating communications between Norfund and the borrowing organization, criminals hijacked the information exchange and distorted payment information to transfer the assets to an account in Mexico. 

4106-1000x515With the police investigation underway, details regarding the attack are still amassing. Various hypotheses point to a compromised network, business email compromise (BEC) scam, also known as CEO Fraud, or pwned workstations. 

In a press release published by Norfund, CEO Tellef Thorleifsson recognized the grave incident and outlined the firm’s immediate plans to bolster security measures around operations and systems. 

The conjunction of crime and greed fuels the $12 billion of losses attributed by the FBI to BEC incidents between October 2013 and May 2018. With minimal costs to cybercriminals and potentially staggering setbacks for institutions, BEC is a lucrative scam we forsee escalating throughout 2020 and beyond.

Peers within the investment industry should reflect on the Norfund incident to re-evaluate their current, or lack thereof, cybersecurity programs, and act swiftly. As motivated hackers trek onward to identify their next victims, one thing is evident; no business is immune to cybercrime’s jarring consequences. 

Align’s Cybersecurity Advisory Practice was designed by investment industry veterans to address our clients’ unique needs and pain points. For information regarding these services, visit here or contact us

Get in Touch


Continue Reading

Related Articles


“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC