Cyberattack keeps Bank of Valletta off grid
Malta’s Bank of Valletta (BOV) has seen its website and banking operations go offline as it struggles to deal with a €13 million cyber heist.
As reported on 19 February, BOV was in recovery mode as it dealt with the cyberattack that temporarily suspended its operations.
Branches were taken offline (or out of service) following a “malicious external attempt on its systems”. The bank told its clients that customer accounts and their funds were in “no way impacted or compromised”.
It managed to resume a number of its services – such as ATMs, internet banking, mobile banking and cards. In an update on its website on 15 February, it revealed that SEPA payment services were fully operational.
However, in the latest chapter its problems have not gone away and this week even its website is offline.
According to The Times of Malta, Maltese and European authorities believe that hackers posed as the French stock market regulator to break into the bank’s IT systems and walk away with millions of euros.
The group, dubbed EmpireMonkey by investigators, carried out a €13 million heist from the bank on 13 February, which led BOV to temporarily take its services offline.
The investigations have seen the police, the financial services watchdog, the State IT authority and foreign counterparts all come together to try and trace the missing cash and sort out flaws in Malta’s banking security systems. (Back in November 2018, the European Commission wanted the Maltese anti-money laundering supervisor to bring its A-game when checking out banks and shady activities.)
“This investigation has involved a lot of collaboration, both in Malta between different authorities but also overseas, with Europol and other entities that are assisting in this,” a source privy to the details of the investigation tells The Times of Malta.
“We are working around the clock on the case, but it is extremely complex and we have never had anything like this in Malta before.”
A review of the bank breach has already uncovered how the hackers could have been attempting to infiltrate as far back as October 2018. A source says similar “phishing” had first been detected locally some four months ago. This had the same digital fingerprint as the hacking group believed to have carried out this month’s heist.
The source was quick to point out that banks regularly receive such threats and attempts to infiltrate their systems were commonplace.
The situation is fluid. At the time of writing BOV has not kept people updated on Twitter about this issue.
BOV was formed in 1974 following an agreement between the Government of Malta and the Malta Development Corporation. In 1992, BOV became the first public company to be listed on the Malta Stock Exchange.
The bank’s financial services are offered through a network of 44 branches and agencies in Malta and Gozo, and through a number of subsidiaries. It has also developed a worldwide network of correspondent banks and has opened representative offices in Australia, Belgium, Italy, and Libya.