Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations on Wednesday after hackers broke into its systems and shifted funds overseas.
"Prime Minister Joseph Muscat told parliament the cyber attack involved the creation of false international payments totaling 13 million euros ($14.7 million) to banks in Britain, the United States, the Czech Republic and Hong Kong.
The funds have been traced and the Bank of Valletta is seeking to have the fraudulent transactions reversed.
Muscat said the attack was detected soon after the start of business on Wednesday when discrepancies were noticed during the reconciliation of international transactions.
Shortly after, the bank was informed by state security services that it had received information from abroad that the company had been the target of a cyber attack.
To minimize risk and review its systems, the Bank of Valletta suspended operations, shuttering its branches on the Mediterranean island, closing ATMs and disabling its website.
Muscat said the fact such an important financial institute had gone off line had impacted the economy and caused problems abroad for credit card holders who needed to make payments, such as to hotels.
The bank is also carrying out an internal review to establish where exactly the attack originated from and how it was instigated. Maltese banks have in the past reported cyber attacks but this was the first time that a lender had to shut down all of its operations as a result."
Attribution is hard in these cases, because often this happens under a "False Flag", for instance Russians making it seem like it's the North Koreans, but this pattern looks like could be North Korean hackers desperate for hard cash. Full Story at Reuters.
Generally, this type of hack starts with a successful spear phishing attack that opens up the victim's network to the bad guys who then move laterally and compromise critical systems.