Bank of Valletta has yet to establish who was behind a cyberattack that saw hackers transfer €13 million to overseas banks on Wednesday, forcing the bank to temporarily shut down all operations.
In comments to Times of Malta on Thursday afternoon, BOV's chief business development officer, Kenneth Farrugia, said it was still too early to say who was behind the attack.
All of the bank’s functions - branches, ATMs, mobile banking and even email services - were suspended at around 1pm yesterday after discrepancies emerged during the reconciliation of international transactions. The bank resumed operations on Thursday morning.
"At this stage, we don't know who was behind it. There isn't a yes or no answer because the entry points can be through various channels. You can have someone using a USB, someone who received an e-mail with malware in it, through internet banking, and so on.
"We have started eliminating by looking at audit logs to try to find out where this came from and what the entry point was. But we have yet to determine the source," Mr Farrugia told Times of Malta.
They breached our payment processing system from our own account
Pressed to say whether the bank had any indication of whether the attack came from overseas or whether, for instance, there was even the possibility of potential insider involvement, the officer would not say, insisting it was simply too early to reach any conclusions.
On the nature of the breach, Mr Farrugia insisted that this was purely of a monetary nature and that no personal data was leaked.
"We did not have any breach of personal data. Whoever carried out the hack did so for the value. They did not go beyond the payment process that involved our bank," he said.
The bank could immediately say that clients' accounts remained untouched -despite hackers making away with €13 million - because a very particular system was breached.
"They breached our payment processing system from our own account. It's not the leg from the client to us but from ours to the outside. We immediately identified that one leg was working properly but then there were problems with the other leg, where 11 more transactions were found," he said.
With regard to operations resuming on Thursday morning just before branches reopened at 8.30am, Mr Farrugia said that while the bank had a business continuity plan, with branch managers being informed of the procedures that would be implemented had the bank remained offline, there was no need for such a plan as everything was up and running by early morning.
The only service not yet operating is that of payments to third parties.
Work is underway to restore this soon but Mr Farrugia could give no timeline.