back to article There's Norway you're going to believe this: Government investment fund conned out of $10m in cyber-attack

The Norwegian Investment Fund has been swindled out of $10m (£8.2m) by fraudsters who pulled off what's been described as "an advanced data breach." Norfund – which is the Norwegian government's funding vehicle for developing countries – said a hacker was able to manipulate the organization into routing a loan intended for a …

  1. KjetilS

    I think you mixed up the funds here. Norfund isn't the wealth fund. The wealth fund is called "Government Pension Fund Global" or just "The Oil Fund".

    Norfund is an investment fund that is created to help improve development countries, and is worth around 25B NOK or roughly 2.5B USD, which is a lot, but absolutely tiny compared to the actual wealth fund.

    1. diodesign (Written by Reg staff) Silver badge

      Yup, we f'ked that one up royally. Lessons have been learned - the article's been corrected.

      Don't forget to email corrections@theregister.co.uk if you spot anything wrong - we'll get those complaints immediately without having to read every comment.

      C.

  2. TonyR

    A Legal Scam Coming

    The bill for this "PwC is also being called in to do an evaluation for the IT security setup at the fund." may well be in the region of the original scam, once it is all over.

    1. Wellyboot Silver badge

      Re: A Legal Scam Coming

      Only if they're lucky!

      PWC will look at the total fund value and plan their robbery charging process.

  3. Mike 137 Silver badge

    "an advanced data breach"

    It always is "advanced" until the investigation shows it was a total push-over. Usually down to complete absence of management oversight. Technologies alone are not enough - as at Equifax and hundreds of others.

    1. JimC

      Re: "an advanced data breach"

      Its the job of technology to make it very difficult for users to stuff up. In IT we are abject failures at doing so.

    2. EnviableOne Silver badge

      Re: "an advanced data breach"

      as with all things it comes down to people process and technology.

      In this case, they abused the technology to get the people to go round the process.....

  4. JosephB

    "PwC is also being called in to do an evaluation for the IT security setup at the fund"

    One of the biggest cons in the industry is that audit firms like PwC, KPMG, Deloitte etc know anything at all about IT security.

    For a fraction of the price they could hire an ethical hacking crew to actually hack them, point out their security flaws & how to close them up.

    1. low_resolution_foxxes Bronze badge

      Never actually seen them improve a process.

      They send plenty of 25yr olds with no business experience to collect paper for a week. Occasionally they might take a simple and unproblematic process, complicate it to the point no one has a clue what to do anymore, achieving the objective by preventing any work taking place.

  5. Knoydart
    Coat

    Subs missing a trick

    Surely this was a fjordulent transaction?

    Hardangervidda I'll get my coat

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020