The confirmation once again that the computer systems of the educational institutions in Greece are COMPLETELY lacking in security and protection of data them, he came to give us a new "hit" the famous Greek Hacker with the pseudonym ”[PAOK]” .
The "hit" took place at ATEI. Serres, which was once again attacked by [PAOK] as you can see here. Then he had clearly warned the institution about the problems security that he was facing, through alterations to the original websites of some of the institution's departments. This time, however, he went even deeper into computing systems of ATEI. Serres, resulting in acquiring complete and not identifiable access to the database of the entire institution, even with rights Admin (Root / Administrator)!! . This practically means that [PAOK] had the ability to read and tamper with sensitive data such as usernames, passwords, student rankings etc. . The specific data is as understood critical to the smooth mode of the institution but also for its credibility with students.
The details of the attack
We quote screenshots that were notified to us by [PAOK] EXCLUSIVELY about the attack:
A) Alteration to the institution's central website:
B) Below is the level of access to the central database of the Foundation. The information available to [PAOK] relates to user codes and administrators with full access to the institution's facilities.
(SecNews - We have concealed relevant information regarding user passwords and personal data for reasons of confidentiality)
Below, some changes appear on the Foundation's main site pages, stressing that security gaps must be corrected:
According to his statement hacker [PAOK], "The next step now belongs to the state and should be the shielding of the information systems of educational institutions in Greece, by people with the appropriate knowledge and support from the Ministry of Education, so that they can implement data security plans for smooth operation and reliability of the country's educational institutions "
The problem with university holes is chronic.
Nobody cares because nobody just cares, so… "go free"!
Also all the "ready" GR CERT type teams that are?
Do they expect any reference to the dish from their site?
Also, where are the famous critical infrastructure protection teams (we do not say names)? Do we know που to sell magic to the "neighbors"… to protect our own critical infrastructure… where are we?
In transnational and NATO cyber-wars we are "manoles"….
But I forgot, very few universities / universities are considered…. infrastructure!
Good night and good sleep !!
Alex Iliopoulos BICYCLE ARTS I WANT A DOCTOR….