ATHENS – Two cyberattacks in a week on Greece’s official ministries website, ranging from the Prime Minister and National Intelligence Service to public safety authorities may have been the work of Turkish hackers targeting governments and groups in Europe and the Middle East.
Three senior security officials who weren’t named told the news agency Reuters that the group – said to be tied to Turkey’s government – broke into the sites of at least 30 groups and government ministries, including Cyprus and Greece’s emails in 2018-19 but no evidence emerged they were behind the recent data blocking in Greece.
The attacks involve intercepting internet traffic to victim websites, potentially enabling hackers to obtain illicit access to the networks of government bodies and other organizations, the news agency said about the sweeping breadth of the hack attacks.
The security officials, two British and one American, said the the activity bears the signature of a state-backed cyber espionage operation conducted to advance Turkish interests with Greece and Turkey near the boiling point over claims to the seas.
It wasn’t said if that was Anka Neferler Tim (Phoenix’s Helmets) which said it hacked in as a response to Greek “threats” against Turkey which is drilling for oil and gas in Cypriot sovereign waters and signed a deal with Libya dividing the seas, planning to also hunt for energy off Crete.
The officials said their review of the attacks found the hackers cyber fingerprints method, including targeting Turkey’s political enemies, similarities to previous attacks and information in confidential intelligence assessments they wouldn’t reveal.
The officials said it wasn’t clear which specific individuals or organizations were responsible but that they believed the waves of attacks were linked because they all used the same servers or other infrastructure but believing it was government-backed.
Turkey’s Interior Ministry wouldn’t comment to the news agency and a senior Turkish official did not respond directly to questions about the campaign but said Turkey had also been hit with cyberattacks.
The Cypriot government said in a statement that the “relevant agencies were immediately aware of the attacks and moved to contain” them. “We will not comment on specifics for reasons of national security,” it added.
Officials in Athens said they had no evidence the Greek government email system was compromised although media reports said cyber defense systems are so outdated so go back to 2004 and that the government wasn’t equipped to deal with sophisticated hackers.
The Cypriot and Greek attacks as well as in Iraq identified by Reuters all occurred in late 2018 or early 2019, according to the public internet records. The broader series of attacks is ongoing, according to the officials as well as private cybersecurity investigators also investigating.