Only small part of BOV system attacked, total shutdown was ‘necessary precaution’
Only part of Bank of Valletta’s system was attacked on Wednesday, but a complete shutdown was necessary as a precautionary measure, CO Kenneth Farrugia has told The Malta Independent.
On Wednesday morning BOV was compelled to shut down its operations after one of its systems fell victim to a hacking attempt. Addressing Parliament later that afternoon, Prime Minister Joseph Muscat explained that the hackers had falsified various transactions, transferring a total of €13 million to four different countries in euro, US dollars and British pounds.
The bank resumed its operations yesterday morning following rigorous overnight testing of its IT system, a statement released by the bank says.
In comments to The Malta Independent, Farrugia explained that, on Wednesday, “during routine reconciliations that the bank carries out every morning, it noticed that there were discrepancies in eleven payments having a total value of around €13 million emanating from the bank’s foreign payment accounts. We immediately realised that the bank had been breached.”
Farrugia insisted that “one needs to point out that the bank decided to shut down the whole system for security reasons, not because the whole bank system was under cyber attack. It was only a small part of the system that was hacked, but the bank decided to shut down the rest of its operations. Precaution was needed and that is why we switched everything off. This caused disruption but we are happy that we managed to resume operation within a few hours. After we switched off our systems, we made sure that the
customer service centre was given more resources to deal with queries our clients had.”
He said that no ATMs, cards, client data, and internet, phone banking or other systems had been infiltrated. In fact, a number of these systems, such as ATMs, were functioning again at around midnight. He added that the only service not yet available was third-party international payment outside the Single European Payments Area; however, “our intention is to re-activate this shortly. All other international payments in euro within the SEPA region are being processed normally.”
Asked what the ultimate goal of the cyber attack was, Farrugia said that “cyber attacks typically involve the illegitimate transfer of money, data or both. Evidently, money was the key motivator behind this attack.”
Farrugia said that management at the bank’s branches around the country had been briefed on the situation at 6.30am yesterday.
Asked if the attack was the work of local or foreign hackers, Farrugia said that they could not yet say. He explaining that hackers could mask their location, making it appear as though the attack had originated from a different county. IT experts, together with local and foreign authorities are investigating. A magisterial inquiry has also been launched.
Asked whether such an incident meant that the bank could easily be hacked, Farrugia said that the bank’s security system was continuously being updated and rigorously tested.
Nonetheless, one must keep in mind that cyber attackers are constantly trying to penetrate financial systems.
“This is not an isolated case, as banks and even private companies are constantly faced with cyber threats driven by hackers trying to penetrate their systems. On the security front, the bank has an ongoing programme of reviews and updates to its security systems and has in place a highly rigorous testing programme.
Despite the significant investment undertaken by banks in se- curity, no bank in the world can guarantee that it has a watertight, cyber-attack-free system as cyber hackers are continuously in the process of refining their skills and tactics.
Together with its specialist secu- rity consultants, the bank is currently conducting a detailed investigation into the breach and actively working to fully reinstate its international payment system. It is also following up on the recall of the illegal transactions.