Last updated Thursday 7.30am as bank's mobile app went back online
Bank of Valletta shut down all its operations on Wednesday morning after hackers broke into its systems and moved €13 million into foreign accounts.
All of the bank’s functions - branches, ATMs, mobile banking and even email services - were suspended and its website taken offline.
The bank's mobile app was back online on Thursday morning.
The fraudulent transactions had been traced and were "being reversed", Prime Minister Joseph Muscat told parliament later on Wednesday.
The attack is believed to have originated overseas.
'Funds not compromised'
In a statement, the bank reassured customers that their accounts and funds “are in no way impacted or compromised” and that it was working to resume normal services in a phased manner as soon as possible.
“The Bank is working closely with local and international police authorities in this regard,” it said.
"Bank of Valletta apologises to its clients for any inconvenience caused and will be keeping its customers and the general public informed of developments." Customs may phone on 21312020.
HSBC Malta issued a one-line statement saying its services were operating normally.
Payments to four countries blocked
The attack was detected shortly after the start of business on Wednesday morning, Prime Minister Joseph Muscat told parliament, when it noted reconciliation problems regarding international transfers.
Hackers sought to make international transfers to banks in the UK, US, Czech Republic and Hong Kong. The transfers were blocked within 30 minutes and the banks alerted, the Prime Minister said.
Watch: Prime Minister Muscat speaks to parliament about BOV hack
Initial indications are that the hack originated overseas, Dr Muscat added.
Bank of Valletta
MFSA keeping tabs
Malta's financial regulator, the MFSA, is closely monitoring the situation.
"The MFSA follows ECB guidelines with respect to cyber-security threats and attendant risk mitigating factors which need to be followed by licenced institutions," MFSA CEO Joseph Cuschieri told Times of Malta.
It was banks' responsibility to safeguard their cyber security, he added.
"We strongly encourage banks and other other licenced financial institutions continuously invest in their IT systems to prevent such occurrences," he said.
Shop owners in the dark
The shutdown has affected several local businesses which rely on BOV-operated point-of-sale equipment to process card payments. It also means POS systems run on rival banking networks cannot process payments on BOV-issued cards.
As of 3pm, shop owners remained in the dark.
Speaking to the Times of Malta on Wednesday afternoon, Chamber for Small and Medium Enterprises (GRTU) head Abigail Mamo said that shop owners had no option but to decline card payments as the point-of-sale devices used to charge credit cards were not working.
Shop owners initially thought something was wrong with their own systems, she said.
"Since the bank could not get in touch, they were not aware that something was wrong," she explained.
"They tried calling BOV, but didn't manage because their communication systems were down. It was a while before the bank got in touch and told them that they were offline," Ms Mamo explained.
No additional information was supplied to them, she said.
She explained that many customers were being turned away, resulting in some chaos in certain bigger shops, such as supermarkets, where they relied on the electronic devices for the majority of their payments.
“It’s obviously not the customers’ fault but they are, unfortunately, being turned away because the systems just aren’t working at the moment,” Ms Mamo said.
The GRTU head said that while some shop owners did have other POS machines installed, it was not always viable to use these as charges were higher.
A main clothing retailer confirmed that the problems started at around 1.15pm, noting that there had not been any issues earlier in the day.
While the retailer was making an effort to serve all customers, including those with a BOV card, by using the POS devices from other banks, some sales were still being lost.
APS Bank suspends some services
APS Bank said it had decided, as a precautionary measure, to suspend some of its services, including ATMs, cards-related transactions and payments from and to Bank of Valletta).
It stressed, however, that the integrity of its customers' accounts was protected and that deposits were safe.
Very rare occurrence
European Banking Authority guidelines introduced in 2018 lay out the steps EU-based banks and banking regulators ought to take when assessing and minimising their risk to IT-based threats.
Although banks in Malta have been attacked in the past, a source familiar with the regulatory sector said that something on this scale was very rare - which showed the levels of protection that banks had built up.
Banks in Malta are regulated by the Malta Financial Services Authority, which would - along with the European Central Bank - have been advised about this attack by BOV, he said.
The sources said that the authority would, in an ideal world, itself carry out checks on banks' IT systems, and not just on their capital ratios and governance.
"The reality is that to do this you need to have very qualified technical resources who would understand the systems and be able to check them and challenge their protection systems," he told the Times of Malta.
"Having said that, the banks do not rely on the regulator but have their own internal audit teams, and most also get external consultants to monitor them."
Banks and other large enterprises often employ so-called white-hat hackers - ethical hackers - to probe its systems and find bugs and shortcomings in their systems, a digital security expert told Times of Malta.
'Malta a honey pot'
The bank’s decision to completely shut down its operations was either taken in haste or else because it was a severe attack, a separate digital forensics expert told Times of Malta.
“Banks usually try to mitigate these attacks behind closed doors,” he explained, while making it clear that he had no knowledge of this specific attack.
Malta’s rapid economic growth meant more malicious players would be interested in hacking local companies, he added.
In such cases, companies’ focus in such cases was on getting their businesses up and running again, rather than preserving evidence.
“Most of the time the private sector rarely cases about the second,” he noted.
Have you been affected by the bank shutdown? Get in touch on firstname.lastname@example.org