Dust-off old Tools
BOV customers request for the meantime...
"Will you accept a check?"
Malta's Bank of Valetta (BOV) has pulled the plug on its entire internet access, including shutting down cashpoints and branch offices, after detecting a "cyber intrusion" by crims that tried to steal nearly €13m. The Times of Malta reported: "All of the bank's functions – branches, ATMs, mobile banking and even email services …
From what I've picked up, the BOV manages its own DNS, and it appears they may not have proper network segmentation in place so when they had to shut down access, the public site went with it. I'm guessing someone may re-architect things slightly afterwards.
Be that as it may, I am impressed that they failed transactions via reconciliation errors in 30 minutes and started reversing them. I've known banks that would not have spotted this in 30 days, so I don't think they're coming out of this too badly. Sure, some optics need tweaking, but it could have been much worse - someone has just had their security budget justified :).