The world’s largest sovereign wealth fund suffered a cyber attack: cheated out of $10 million

News from Beijing time on April 29, as the world’s largest sovereign wealth fund, Norfund fund was easily cheated of 10 million US dollars by swindlers for online fraud, and swindlers took advantage of the so-called “leaked payment data” to commit crimes.


According to reports, the Norwegian sovereign fund Norfund (also known as the Norwegian national fund) is funded by the famous North Sea oil field income, and its current market value exceeds $1 trillion. The fund said that hackers manipulated a transaction of the organization to transfer a loan originally intended to be lent to a Cambodian microfinance institution to an account controlled by a swindler, as a result, the fund was cheated 0.1 billion kronor (about US $10 million) in March. The fund said the money appeared to have been transferred from Cambodia to Mexico, and international police had stepped in to investigate the matter because of the huge losses.

Norfund said on Wednesday that the cyber attack fraud case: “During this period of time, the fraudsters used a very clever way in structure, content and language, the exchange of information between Norfund and borrowing agencies was manipulated and forged. Documents and payment details are forged.” The swindler used some forged invoices or forged emails to transfer the money to other accounts, indicating that the whole transaction process could not pass the bill.

In fact, this scam is very simple, but it is very effective. Scammers will first deceive a key person in the company, and then deceive others in the company to transfer money to a new account, because these payments are legal and authorized in the plan, so victims usually don’t react until the end.

Chief executive Tellef Thorleifsson promised to take prompt action with international police to bring the swindlers to justice and prevent the organization from being cheated again. He said: “This is a serious incident. This online fraud clearly shows that as an international investor and development organization, we are vulnerable to attacks when using digital channels. The fact that this happens shows that our system and management are not good enough. We must take immediate and serious action to correct this situation.”

it is reported that in addition to the police intervention, the Norwegian sovereign fund also said that it is cooperating with the Norwegian Ministry of Foreign Affairs and its bank DNB to track the swindler and retrieve the stolen money. PricewaterhouseCoopers was also asked to evaluate the fund’s IT security settings. Although it is embarrassing to be the victim of such cyber attacks, Norfund is not the only one. If the core of this matter lies in business mail fraud in Internet transactions, then this kind of internet fraud has formed a multi-billion dollar industry and the situation will only get worse. (Author/Liangji)