ATHENS – A cyberattack against the Hellenic Post (ELTA) that interfered with postal service in Greece was just the latest in a growing string of them designed by hackers to try to get ransom in cryptocurrency to unblock seized data, said Kathimerini.
In a report, the newspaper cited how hackers are going after Greek government agencies and institutions and that the cyber war tactics over the past year, during the COVID-19 pandemic, are getting bolder and with the same aim: to be paid.
The latest came just as the European Union’s cybersecurity office ENISA moved to a new headquarters from another in Athens and as bloc experts are trying to devise defenses against ever-more sophisticated electronic assaults.
It wasn’t said if Greece paid ransom in any of the cases but the report noted that the cyberattacks are being stepped up and going after agencies with critical data where it would seem protections would be high.
That included hackers in February 2021 targeting some 150 computers at Hellenic Defense Systems, a manufacturer of small arms, artillery and munitions, locking files containing financial and legal data, contracts, as well as emails, the report said.
They asked for hundreds of thousands of euros in bitcoins to send an encryption key that would unlock the files but the company refused and forensic research showed malware broke into the company’s systems through phishing emails with links.
They were sent for a month before one unsuspecting worker opened one – a cardinal error with employees advised to never open one from someone they don’t know – in this case allowing malware named Avaddon to begin a data breach.
A cyber defense unit from Army Headquarters spent a month at the company’s offices to redesign the network, install a new firewall and implement new security protocols. Employees were forbidden to use USB sticks, the report said.
Another attack targeted Thessaloniki, Greece’s second-largest city, on July 21 that year and taunted on computer screens: “Thessaloniki, you’re screwed.” Officials refused to bow to demands for ransom and the hackers published some leaked documents.
The municipality was also the target of two attacks on the same day, September 30, 2021, which officials said were fended off.
In January 2022, a server at the National Health System serving the accounts departments of Attica hospitals Asklipieio and Sotiria was attacked with ransomware, requiring accounts departments to use paper for days before it was fixed but hospital administrators said they refused to negotiate and it wasn’t disclosed if data was lost.