Hackers and swindlers are staying active during the Corona crisis, with police investigating how investment fund Norfund lost NOK 100 million (USD 10 million) in “an advanced digital swindle” this spring. Police fear many other companies have been hit as well but don’t report it.
Officials at state-owned Norfund, which funds business operations in developing countries, said the swindle was tied to a loan agreement Norfund had with a micro-finance institution in Cambodia. The swindle, involving infiltration of email that ultimately directed loan funds to an account in Mexico instead of to the institution in Cambodia, began on March 16 and was discovered April 30, when a new swindle attempt was warded off.
Terje Fjeldvær, who leads efforts to fend off fraud at Norfund’s bank connection DNB, told newspaper Dagens Næringsliv (DN) that there’s been a “massive” increase in this type of swindle since 2016. He called the attack on Norfund “the most advanced” he’d seen in his career, but Norfund officials were nonetheless distressed and claimed the attack showed that its own security routines and systems “weren’t good enough.” Police have given the case high priority but no arrests have been made.
Norwegian foreign policy institute NUPI, meanwhile, has also been hit by hacking attempts during the Corona crisis but has managed to ward them off. DN reported that the attacks on NUPI’s systems were discovered when several NUPI employees received access codes via SMS that they hadn’t requested. They all immediately changed their passwords and have been put on alert.
“We’re seeing a broad spectrum of various types of attacks,” Bente Hoff, director of the National Cyber Security Center, told DN. She said authorities have been concerned about weaknesses in systems tied to the rapid establishment of home office use during the Corona outbreak.