A cyber attack on the Bank of Valletta (BOV) was so bad that it caused them to take down their online services as a security precaution. Yesterday morning hackers broke into the banking systems and attempted to move €13million into overseas accounts. The destination of the funds included the UK, Europe, the USA and Hong Kong. Within 30 minutes the bank blocked the transactions and reported the incident to the local authorities.
As a result, BOV shut down their branches, ATMS and email services. It completely diminished from the internet as it even shut off its point-of-sale terminals, affecting local business.
Banks are a popular vector for hackers
Malta’s economy has rapidly grown making it a honey pot for organised crime group actors. The type of attempted hack has not yet been released.
The attack comes after hackers successfully stole just over €53million from the Far Eastern International Bank two years ago in Taiwan. Hackers infiltrated malware on bank hosts and servers accessing the SWIFT terminal used to transfer the staggering amount of money. They wired it to countries such as the US, Cambodia and Sri Lanka. A common tactic consists of accessing the SWIFT terminal, used again in 2016 where hackers stole just under €72 million.
In 2017 hackers took a different method where the theft of €11 million took place at Cosmos bank. Hackers targeted the ATM’s testing infrastructure either by spear phishing attacks or use of other means to gain admin rights over the network. They then created a malicious proxy switch. They set up a fake system from the switch by breaking the backend connection and putting their own counterfeit system in its place. Due to the lack of details sent to the backend, verification checks were not made on card details. In addition, there was no verification of PINs. Instead, fake responses were authorising transactions. It authorised millions worth of euros that used cloned transaction cards across 28 countries.
With attacks compromising different areas of the banking system, the precautions taken by BOV seem fitting in contrast to the damage that occurred previously.