UPDATED 23:10 EST / MAY 14 2020

SECURITY

$10M stolen in cyberattack on Norway’s state investment fund

Unknown hackers have stolen $10 million from Norfund, Norway’s state investment fund in an operation that spanned several months.

The money was stolen by tricking an employee to send the money to an account controlled by the hackers, but the more impressive part is the patience those behind the attack took in getting to that point.

The scammers originally hacked into the fund via its email network and patiently monitored accounts and identified employees who were authorized to make payments.

The fund makes global investments and in this case was lending $10 million to a microfinance institution in Cambodia when the hackers became involved.

“The defrauders manipulated and falsified information exchange between Norfund and the borrowing institution over time in a way that was realistic in structure, content and use of language,” Norfund said in a statement May 13. “Documents and payment details were falsified.”

The payment ended up going to an account in Mexico. The theft took place on March 16 but was not detected until April 30 when the same hackers came back for a second attempt. To obfuscate the theft, the hackers had told the Cambodian company that the transfer had been delayed because of the COVID-19 pandemic, meaning that no alarm was raised when the funds were not received.

“This is an extremely well-thought-out and -executed plan,” Javvad Malik, security awareness advocate at security awareness training form KnowBe4 Inc., told SiliconANGLE. “Once the criminals were able to gain access to internal systems and emails, it became only a matter of time before they could execute their plan.”

Malik said that’s why a “layered” defense is essential for organizations. “These layers will make it difficult for criminals to gain access to systems, and if bypassed, they can rapidly detect and respond to them,” he said. “The human element forms a critical layer in this approach. It’s important to provide security awareness and training to all employees so that they can identify any suspicious phishing emails.”

Image: Norfund

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU