Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Meath County Co hacked - €4.3 million taken - now in HK

  • 18-12-2016 1:43pm
    #1
    Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭


    Meath County Council appear to have been 'hacked' - more likely a social engineering fraud, where a 'junior employee' appears to have been told by his/her 'boss' to transfer funds (EUR 4.3 mil) - which appear to be now in a Hong Kong bank account. The boss was probably not the real boss in this case, someone purporting to be same.

    At my distance, there appears to be a deficit in the system of internal control in this local government agency. Payments of this scale should involve multiple sign-offs by various people - including the person who from 'on high' allegedly initiated the transaction.

    In Canton Zurich, for example, (which is far richer than Meath), any expenditure in excess of CHF 10 million requires a public vote, open to the entire population of voters in the Canton. Not just a few 'officers' of the government agency.

    As a result, for example, no money was wasted on a metro system in Zurich - the metro proposal failed at two different public votes. Instead they spent the money on 16 tram lines, giving priority to public transport (removing control of traffic from the traffic signal boxes and putting it in the hands of a massive computer model - VS-Plus), and removing on-street parking in cities - which causes side tear delay to traffic and reduces the number of lanes for trams and vehicles.

    http://www.irishtimes.com/news/ireland/irish-news/meath-county-council-confirms-attempted-cyber-attack-1.2910180


Comments

  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    Yeah, it's a sign that they have terrible processes in place in general. Even ignoring the CEO fraud risk, the fact that a single junior person can transfer that much is ridiculous as they could just transfer it off somewhere and skip the country themselves.


  • Registered Users, Registered Users 2 Posts: 64 ✭✭TruthEnforcer


    Its all a bit Odd to me ...

    I know that different people within any Co Co have different levels of 'financial approval' depending on their level of seniority .. but at the end of the day the 'person with responsibility for payment' will be the 'Finance Director Of Service' .. this as you would presume is NOT a 'Junior Member of Staff' so it would appear theres a 'bit of spin' being put out there to deflect the real problem / Story ????


  • Registered Users, Registered Users 2 Posts: 64 ✭✭TruthEnforcer


    Just came across this tonight on the intranet thing .. bit strange ? that

    http://ie.china-embassy.org/eng/sgxw/t1290317.htm

    "Meath County Council twined with Guiyang, capital city of China's southwest Guizhou Province in 2014"

    I presume this has nothing to do with the 'recently announced' missing monies ??? that have ended up in a Hong Kong bank ?

    Mr. Wu encouraged both sides to jointly make greater efforts to translate good will and good wishes into concrete actions, practical schemes and tangible results .. Yeah right .....


  • Registered Users, Registered Users 2 Posts: 36,505 ✭✭✭✭Hotblack Desiato


    Blowfish wrote: »
    Yeah, it's a sign that they have terrible processes in place in general. Even ignoring the CEO fraud risk, the fact that a single junior person can transfer that much is ridiculous as they could just transfer it off somewhere and skip the country themselves.

    It's far more likely that what the 'junior' person did was change the payee details, this sort of fraud is as simple as emailing (or writing, or even phoning up - old school) the accounts department and letting on you're the payee and that you've 'changed bank'. Then just wait until the next payment to that legitimate payee and cash in. If you've done your homework it'll be easy to identify who receives large, regular payments from your mark, and possibly even when those payments fall due so you can pull off your scam just beforehand. Bonus points if you identify a bank holiday etc. falling due just afterwards to help you cover your tracks before anyone twigs. Usually this sort of thing is only detected when the legitimate payee rings up wondering where their money is.

    This sort of scam is as old as the hills and predates computers.

    The spin they've put on this is something else. "Hacked" eh probably not. "Our systems detected an issue" eh no, they instructed their bank to move the money and their bank did move the money all the way to Hong Kong. For all we know it was something flagged up by the systems in the Hong Kong bank (presumably not the final destination of the funds) which led to the funds being frozen for investigation.

    In Cavan there was a great fire / Judge McCarthy was sent to inquire / It would be a shame / If the nuns were to blame / So it had to be caused by a wire.



  • Registered Users, Registered Users 2 Posts: 1,110 ✭✭✭Skrynesaver


    I'll just leave this here


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 64 ✭✭TruthEnforcer


    Any developments of this story ?


  • Registered Users, Registered Users 2 Posts: 1,835 ✭✭✭BoB_BoT


    They got it back from what I recall. Frozen in the bank and had the transaction reversed.

    edit: here ya go: http://www.meathchronicle.ie/news/roundup/articles/2017/06/16/4141811-stolen-43-million-returned-to-council/

    also ffs, they're calling it a "cyber enabled theft"


  • Registered Users, Registered Users 2 Posts: 486 ✭✭Treepole


    BoB_BoT wrote: »
    They got it back from what I recall. Frozen in the bank and had the transaction reversed.

    edit: here ya go: http://www.meathchronicle.ie/news/roundup/articles/2017/06/16/4141811-stolen-43-million-returned-to-council/

    also ffs, they're calling it a "cyber enabled theft"

    I could think of a better word than cyber for what enabled the theft.


  • Registered Users, Registered Users 2 Posts: 71,159 ✭✭✭✭L1011


    It was extremely ancient social engineering; not "cyber theft"

    On a similar note, someone sent a letter to companies that had ads on UTV claiming to be from UTV Ireland asking them to divert future payments after UTV Ireland launched in Jan 2015 to a new bank account. Which did not belong to UTV Ireland, clearly. Targetted attack but absolutely zero "cyber" about it.


  • Registered Users, Registered Users 2 Posts: 37,316 ✭✭✭✭the_syco


    BoB_BoT wrote: »
    They got it back from what I recall. Frozen in the bank and had the transaction reversed.

    edit: here ya go: http://www.meathchronicle.ie/news/roundup/articles/2017/06/16/4141811-stolen-43-million-returned-to-council/

    also ffs, they're calling it a "cyber enabled theft"
    I find it odd that the money went to HK, and sloppy that the money was still in the account when the Irish authorities went to reverse it. I would've thought someone on the HK side would have moved the money as soon as it came in, to another account in a country with a less co-operative banking system? I may have read too many crime stories.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,835 ✭✭✭BoB_BoT


    the_syco wrote: »
    I find it odd that the money went to HK, and sloppy that the money was still in the account when the Irish authorities went to reverse it. I would've thought someone on the HK side would have moved the money as soon as it came in, to another account in a country with a less co-operative banking system? I may have read too many crime stories.

    Unless HK have functioning banking regulations, stating that such a large sum is queried/flagged? :P

    Crime novels indeed! Should have sent it to a country, as you said, with dodgy banking, like into an AIB or BOI account.


Advertisement