Investigators Hit Brick Wall; Bank Of Cyprus CEO Hard Drives Wiped

Tyler Durden's picture

As the investigation into unusual loan write-downs and the 'premature' movement of capital away from Cyprus by the elites of that nation progresses, Cyprus Mail reports that the investigators - Alvarez and Marsal (A&M) - have found that the information provided by Bank of Cyprus (BoC) was incomplete and data deleting software were found on the computers of two senior executives. "Our computer forensic technologists have found that the computers of two employees, (former CEO) Mr. (Andreas) Eliades and (senior manager group treasury and private banking) Christakis Patsalides, have had wiping software loaded, which is not part of the standard software installations at the BoC." Investigators found no e-mail files, mailboxes or user documents on Eliades’ desktop computer - "we had significant gaps in the e-mail data received from BoC for the period 2007 to 2010, a key period for our scope of investigation," and no email backups were performed. A&M is looking into how BoC accumulated €2.4bn worth of Greek government bonds (GGBs), later suffering huge losses because of that, and into BoC’s expansion to Romania and Russia. We are sure this is all above board and normal IT protocol for the bank... or not.

Via Cyprus Mail,

Deletion of data allegedly took place on computers belonging to senior Bank of Cyprus (BoC) executives, according to the leaked findings of a probe into the circumstances that forced the island’s biggest lenders to seek state assistance.

 

Alvarez and Marsal, the firm tasked with investigating why Bank of Cyprus and Laiki sought state assistance, said the information provided by BoC was incomplete and data deleting software were found on the computers of two senior executives.

 

“Our computer forensic technologists have found that the computers of two employees, (former CEO) Mr. (Andreas) Eliades and (senior manager group treasury and private banking) Christakis Patsalides, have had wiping software loaded, which is not part of the standard software installations at the BoC,” A&M said. “Mass deletion of data appears to have been undertaken on the Patsalides computer on October 18, 2012.”

 

A&M’s findings were handed over to parliament on Wednesday.

 

...

 

Investigators found no e-mail files, mailboxes or user documents on Eliades’ desktop computer.

 

...

 

A&M said there were more gaps in the data collection.

 

“We had significant gaps in the e-mail data received from BoC for the period 2007 to 2010, a key period for our scope of investigation,” the firm said.

 

...

 

A&M said its team was not authorised to issue subpoenas or compel anyone to attend an interview or compel the production documents and data if they did not work for an entity supervised by the CBC.

 

However, any conduct identified as suspicious will be surrendered to the attorney-general, A&M said, citing the CBC.

 

A&M looked into how BoC accumulated €2.4 billion worth of Greek government bonds (GGBs), later suffering huge losses because of that.

 

It also looked into BoC’s expansion to Romania and Russia.

 

...

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
RacerX's picture

Lol.. This is going to be like an episode of the 3 stooges. Larry, Curly & Mo.

BaBaBouy's picture

Guess WHAT ???

ALL The (Paper) Fiats In The WHIRLD Are Hard Drive Based Data.

 

GOLD Anyone .?.


idea_hamster's picture

I've heard that waterboarding has the ability to jog someone's memory as to who said what and when.

After all, do we really care which of the technocrat central banksters we line up against the wall first?  They'll all get their chance eventually....

EDIT: for TPTB who care -- I'm talking about mug shots here.  Seriously.

ihedgemyhedges's picture

I am sure this was accidental.  They were trying to download special SEC porn programs, but inadvertantly downloaded hard drive wiping software instead.....

Ahmeexnal's picture

They wiped all those bitcoins with wiping software?

krispkritter's picture

AAAAnnnndddd it's GONE!

(somebody had to say it)

gmrpeabody's picture

Holder's clean-up crew must be moonlighting...

MagicHandPuppet's picture

Lol.  I'm sure it was just routine computer maintenance.

donsluck's picture

Incorrect. My paper money is not on a hard drive. This is why the only safe investments are PMs and cold hard paper physical cash.

Jack Napier's picture

Paper is as safe compared to digital dollars as gold and silver are safe compared to paper. Cash is good to have in a crunch, but it's a terrible investment.

Bunga Bunga's picture

Never heard of brain wallets?

Papasmurf's picture

Hard drives. . . bitcoins. . . gold. . choice is easy.

Banksters's picture

10011001100101001010

 

Binary for, no proof here, dummies.

 

lol

Banksters 1

Investigators 0

Big Slick's picture

There are 10 types of people in the world... those who understand binary and those who don't

Dodgy Geezer's picture

"There are 10 types of people in the world... those who understand binary and those who don't"

 

While there are FA people who understand hex...

Taint Boil's picture

 

 

http://www.fileshredder.org/ I have it -it is free. 

........to remove, or shred files permanently from your system you have to use a program that is capable of rewriting the files with random series of binary data multiple times. This process is often called shredding. That way, the actual content of the file has been overwritten and the possibilities to recover such a shredded file are mostly theoretical.

Ying-Yang's picture

or you beat the hell out of the hard disk

post turtle saver's picture

No, actually that's recoverable. Pro tip: shredding software + thermite = no worries.

PhysicalRealm's picture

Re: Taint Boil's suggestion of fileshredder.org , if you have the luxury of being able to wipe an entire HD, use Darik's Boot and Nuke http://www.dban.org/ . Regarding mutilating, breaking, hammering etc., on a HD, data can almost always still be recovered.  Questions I'd have here, though, would be regarding personal mobile devices belonging to the crooks, and ISP records.  (In the US, at least, all ISPs keep copies of emaill at least for a while - and that was true long before the Utah Data Center was even a glimmer in some Orwellian gooberment asshole's mind.) 

overbet's picture

Now the people should know this is where their hit list starts.

SilverRhino's picture

Are they seriously peddling the notion that they cant find his emails????   

Uh, Exchange server anyone? 

Restore from backup?   

 

Goner's picture

From the Article "and no email backups were performed."

I have a bit of experience with backups and email and I can tell you even small shops have email protection. The fact this bank does not (at least now) means this went even further. There are two options

1) The investigators have no idea what they are doing when then looked at the Backups (highly unlikely)

2) The executives told the IT people to erase it

Grab the IT guys and threaten them and I bet you get some answers. Depending on the process used, you may even be able to rebuild the deleted backup data.

Give me a few hundred thousand Benny Bucks and I will help consult

MeelionDollerBogus's picture

they still get to choose where that data is stored, and if that 'where' is a hot-swappable drive and/or a ram-disk - the software doesn't care so long as it has a location to drop to - then I guess that solves that, doesn't it?

fonestar's picture

Interesting they wiped the hard drives.  Now try "wiping" the block-chain.

tarsubil's picture

They probably used US DoD standards for disposing of evidence.

ParkAveFlasher's picture

AAAnd the next wave of technological achievement is the dot matrix printer.  Finally, a safe and secure means of storing large amounts of data.

1979, bet your ass!

malikai's picture

These guys look at PCs to find emails and funds transfers. And this is a bank we're talking about right? Anyone think of the servers?

It's no wonder Cyprus is fucked.

Groundhog Day's picture

Malikai,  If it were a legitimate investigation that would be the logical place to look, but this is a dog and pony show in a circus so they'll keep looking at the hard drive to keep the sheep at bay

Telemakhos's picture

The server is where you store business data that doesn't get you indicted if one of your IT geeks decides to leak it to the press.  Moreover, that's where lower- and mid-level employees keep their data, because IT sees their computers as fungible and instantly-replaceable.  The investigators probably got a copy of the server data some time ago; much of the money laundering should be there.

The C-level employee's PC hard drives, though, might contain stuff that the IT staff can't be trusted to keep secret.  Things like bribes to politicians, blackmail-ready info, etc.  Moreoever, encrypted e-mails might make their way onto the PC hard drive in unencrypted form, but live on the server only as gibberish.  So, checking the hard drives isn't dumb.

The interesting thing is not that the C-levels were destroying evidence, but when: October, 2012.  That's when the high-level bank staff knew for sure that they were fucked.  That should characterize a turning-point in the history of BofC.

Acet's picture

In a company the (email) server is where the e-mails are.

E-mails stored in the PC are just local copies.

PS: This is a professional, expert opinion.

Goner's picture

Everyone knows you dont use company email when you steal, lie or cheat. Your own staff can track and give evidence against you.

You use a hotmail account /sarc

ps. Love that someone dinged you for stating facts

Andre's picture

POP3 and delete from server once it hits the local drive.

Some still recoverable from the server to some extent, but use over time has a way of making life (and recovery) a bit harder.

Now, if those were solid state drives with leveling turned on (which it almost always is) - fun, fun in the sun, sun.

MeelionDollerBogus's picture

I doubt they're using POP3. The corporation I work for isn't. There's reasons for that, part of which are reporting abilities, part of which is being able to trash entire computers as needed without a loss of emails, schedules, etc. (exchange server) or whatever else companies choose to use.

It's a bank, a big bank, not a mom 'n' pop using pop3 or hotmail.

Acet's picture

As the man said, large companies doen't use POP3.

Amongst other things, if they used POP3, when a user machine died, all their e-mails would be lost (and doing backups on the server or even setup multiple servers in a redundant configuration is far easier than backing-up thousands of user machines).

Also you can't have e-mail accessible from multiple devices (say, a desktop PC and notebook and a BlackBerry) with POP3.

They're either using Exchange or IMAP, both of which keep the e-mails in the server.

 

PS: in response to the guy that mentioned hotmail, the overwelming majority of banks block that at the firewall level.

BigJim's picture

If the bank's IT department followed normal backup procedures, there will be scores of DLT/LTO/3592 tapes with snapshots of that data.... if anyone really wants it to be found, of course.

Ahmeexnal's picture

Do you store your bitcoin wallet in DLT/LTO?
Nah, these "new kids on the block" when it comes to IT only know USB thumbdrives, "backing up on iCloud or FaceBook" and iPads.
"Normal backup procedures" usually mean no backup until a SHTF event takes place.

BigJim's picture

The missing stuff dates back to 2007... and the system they were using almost certainly pre-dated that. So chances are pretty good they were backing up onto tape.

MeelionDollerBogus's picture

OK, now ask yourself: is that the actual hard drive that was actually there before, or were the "acceptable files" and sectors duplicated to another hard drive while the other one is just flat out gone?

I also made another comment about routing to ram-disk so nothing would be saved yet all the software wouldn't question it so long as it has a place to store the files as usual, as if it was a hard-disk.

Ancona's picture

Deletion is the solution. Cyprus is just the beginning.

MsCreant's picture

Ctrl+Alt+Del for the whole thing is the real solution.

Bunga Bunga's picture

Wipe out the debt. Treasury should get Turbo-Wipe!

centerline's picture

Again.  I am shocked.

TeamDepends's picture

Going all in with other peoples' money is a tried and true strategy.

Winston Churchill's picture

Shocked, totally shocked, that gambling goes on there.

Dr. Engali's picture

Well there's a shocker. Now all we need to make the farce complete is them being questioned by parliament on their version of C-SPAN with the title of "honorable" in front of their names.

Bearwagon's picture

Maybe it originally was meant to spell: "Homo-rape-able"?

Richard Head's picture

And still, not one Cypriot banker hangs from a lamp post.  What does it take, people????

CommunityStandard's picture

Exactly.  Rule of law won't be enforced if the people don't care.