Last updated Thursday 7.30am as bank's mobile app went back online

Bank of Valletta shut down all its operations on Wednesday morning after hackers broke into its systems and moved €13 million into foreign accounts.

Mobile banking services are down.

All of the bank’s functions - branches, ATMs, mobile banking and even email services - were suspended and its website taken offline. 

The bank's mobile app was back online on Thursday morning.

The fraudulent transactions had been traced and were "being reversed", Prime Minister Joseph Muscat told parliament later on Wednesday. 

The attack is believed to have originated overseas. 

'Funds not compromised'

In a statement, the bank reassured customers that their accounts and funds “are in no way impacted or compromised” and that it was working to resume normal services in a phased manner as soon as possible.

“The Bank is working closely with local and international police authorities in this regard,” it said.

"Bank of Valletta apologises to its clients for any inconvenience caused and will be keeping its customers and the general public informed of developments." Customers may phone on 21312020.

HSBC Malta issued a one-line statement saying its services were operating normally. 

Payments to four countries blocked

The attack was detected shortly after the start of business on Wednesday morning, Prime Minister Joseph Muscat told parliament, when the bank noted reconciliation problems regarding international transfers.

Hackers sought to make international transfers to banks in the UK, US, Czech Republic and Hong Kong. The transfers were blocked within 30 minutes and the banks alerted, the Prime Minister said.

Initial indications are that the hack originated overseas, Dr Muscat added. 

MFSA keeping tabs

Malta's financial regulator, the MFSA, is closely monitoring the situation.

"The MFSA follows ECB guidelines with respect to cyber-security threats and attendant risk mitigating factors which need to be followed by licenced institutions," MFSA CEO Joseph Cuschieri told Times of Malta. 

It was banks' responsibility to safeguard their cyber security, he added. 

"We strongly encourage banks and other licenced financial institutions to continuously invest in their IT systems to prevent such occurrences," he said.

Shop owners in the dark

The shutdown has affected several local businesses which rely on BOV-operated point-of-sale equipment to process card payments. It also means POS systems run on rival banking networks cannot process payments on BOV-issued cards. 

As of 3pm, shop owners remained in the dark.

Speaking to the Times of Malta on Wednesday afternoon, Chamber for Small and Medium Enterprises (GRTU) head Abigail Mamo said that shop owners had no option but to decline card payments as the point-of-sale devices used to charge credit cards were not working.

Shop owners initially thought something was wrong with their own systems, she said. 

"Since the bank could not get in touch, they were not aware that something was wrong," she explained. 

"They tried calling BOV, but didn't manage because their communication systems were down. It was a while before the bank got in touch and told them that they were offline," Ms Mamo explained.

No additional information was supplied to them, she said.

She explained that many customers were being turned away, resulting in some chaos in certain bigger shops, such as supermarkets, where they relied on the electronic devices for the majority of their payments.

“It’s obviously not the customers’ fault but they are, unfortunately, being turned away because the systems just aren’t working at the moment,” Ms Mamo said.

The GRTU head said that while some shop owners did have other POS machines installed, it was not always viable to use these as charges were higher.

A main clothing retailer confirmed that the problems started at around 1.15pm, noting that there had not been any issues earlier in the day.

While the retailer was making an effort to serve all customers, including those with a BOV card, by using the POS devices from other banks, some sales were still being lost.

APS Bank suspends some services

APS Bank said it had decided, as a precautionary measure, to suspend some of its services, including ATMs, cards-related transactions and payments from and to Bank of Valletta.

It stressed, however, that the integrity of its customers' accounts was protected and that deposits were safe.

Very rare occurrence

European Banking Authority guidelines introduced in 2018 lay out the steps EU-based banks and banking regulators ought to take when assessing and minimising their risk from IT-based threats.

Although banks in Malta have been attacked in the past, a source familiar with the regulatory sector said that something on this scale was very rare - which showed the levels of protection that banks had built up.

BOV ATMs have also been switched off.

Banks in Malta are regulated by the Malta Financial Services Authority, which would - along with the European Central Bank - have been advised about this attack by BOV, he said.

The source said that the authority would, in an ideal world, itself carry out checks on banks' IT systems, and not just on their capital ratios and governance.

"The reality is that to do this you need to have very qualified technical resources who would understand the systems and be able to check them and challenge their protection systems," he told the Times of Malta.

"Having said that, the banks do not rely on the regulator but have their own internal audit teams, and most also get external consultants to monitor them."

Banks and other large enterprises often employ so-called white-hat hackers - ethical hackers - to probe their systems and find bugs and shortcomings, a digital security expert told Times of Malta.

'Malta a honey pot'  

The bank’s decision to completely shut down its operations was either taken in haste or else because it was a severe attack, a separate digital forensics expert told Times of Malta.

“Banks usually try to mitigate these attacks behind closed doors,” he explained, while making it clear that he had no knowledge of this specific attack.

Malta’s rapid economic growth meant more malicious players would be interested in hacking local companies, he added.

In such cases, companies’ focus was on getting their businesses up and running again, rather than preserving evidence.

“Most of the time the private sector rarely cares about the second,” he noted.
