Hackers Seize $10 Million from Sovereign Wealth Fund

by: Katie Sloane on May, 20, 2020 | 0 Comments
 hero Image

Cybercrime poses a severe threat to the integrity and preservation of established and emerging investment firms. This article sheds light on the recent phishing scam that plundered the world’s largest sovereign wealth fund, Norfund.

The Norwegian Investment Fund, currently valued at over a trillion dollars, reported that hackers circumvented the fund into diverting a $10 million loan designated for a Cambodian microfinance institution. After infiltrating communications between Norfund and the borrowing organization, criminals hijacked the information exchange and distorted payment information to transfer the assets to an account in Mexico. 

4106-1000x515With the police investigation underway, details regarding the attack are still amassing. Various hypotheses point to a compromised network, business email compromise (BEC) scam, also known as CEO Fraud, or pwned workstations. 


In a press release published by Norfund, CEO Tellef Thorleifsson recognized the grave incident and outlined the firm’s immediate plans to bolster security measures around operations and systems. 

The conjunction of crime and greed fuels the $12 billion of losses attributed by the FBI to BEC incidents between October 2013 and May 2018. With minimal costs to cybercriminals and potentially staggering setbacks for institutions, BEC is a lucrative scam we forsee escalating throughout 2020 and beyond.

Peers within the investment industry should reflect on the Norfund incident to re-evaluate their current, or lack thereof, cybersecurity programs, and act swiftly. As motivated hackers trek onward to identify their next victims, one thing is evident; no business is immune to cybercrime’s jarring consequences. 

Align’s Cybersecurity Advisory Practice was designed by investment industry veterans to address our clients’ unique needs and pain points. For information regarding these services, visit here or contact us

Get in Touch

 

Tags: Cybersecurity, Managed Services

Related Articles

 
Remote Work Raises Cybersecurity, Complacency Fears for Hedge Funds

Cybersecurity

Remote Work Raises Cybersecurity, Complacency Fears for Hedge Funds

The following article originally appeared in FundFire and was written by Lydia Tomkiw.  Hedge funds

Read More >