Hackers Target Maltese Bank in €13m Cyber Heist

A leading Maltese bank is resuming its services today after shutting down operations following a major cyber-attack on Wednesday.

The Bank of Valletta (BOV) said in a notice on Thursday morning that customers could once again use ATMs, online banking, mobile banking and their BOV cards, although at the time of writing, payments to third parties were still suspended.

This follows an attack which directed €13m ($14.7m, £11m) worth of fake payments from the bank to accounts in the UK, US, Hong Kong and the Czech Republic.

In a statement to the island nation's parliament, Prime Minister Joseph Muscat reportedly said that the bank spotted something was amiss during reconciliation of international transfers at the start of business on Wednesday.

A decision was taken within half an hour to shut all of the bank’s services, as word came in from abroad that it had been hit by a cyber-attack.

The illegal transfers have been traced and are reportedly now being reversed.

“The Bank once again wants to reassure its clients that customer deposits and customer accounts were in no way affected by this cyber-attack,” the BOV said. “This unfortunate incident proved that the contingency plans in place and the preventive measures taken by Bank of Valletta were appropriate and that these measures safeguarded the bank, its customers and stakeholders.”

At first sight, this attack shares some characteristics with the audacious $81m cyber heist at Bangladesh Bank in 2015 and other smaller raids on lenders since.

As such, it could be a classic Business Process Compromise (BPC) attack in which hackers research the inner workings of a target organization to covertly manipulate key processes — such as by finding loopholes in money transfer systems or using malware to make unauthorized transfers.

AlienVault security advocate Javvad Malik argued that as organizations go digital, they need to find more holistic ways to manage risk.

“It is no longer enough to implement security simply at one level such as the website or the app. Rather security needs to be baked in all the way across the endpoint, network, to the servers,” he added. “Additionally, detection and response controls need to be in place and tested to gain assurance that during an incident core business functions can be maintained.”
