The National Intelligence Service is preparing for the possibility of a large-scale cyber war. Due to the tension in the region, it is starting to shield critical government infrastructure from possible cyber attacks.
According to information from "K", in the immediate future and for the coming months, the EYP will carry out vulnerability checks on a number of government targets, such as the Maximos Palace, the Presidential Palace and the Ministry of Finance.
The results of the penetration tests will be confidential and the government leadership will be informed about them first. Depending on the findings, there will be initiatives to enhance the digital security of sensitive Organizations.
International developments, after all, reveal the growing use of electronic weapons in international conflicts and disputes between states. The recent conflict between Israel and Iran, although it went "small" due to the pandemic, is a revealing example.
At the end of April, there were serious malfunctions in the operation of Israel's water supply and sewerage systems. The competent national service of the country - the corresponding EYDAP - initially attributed the problem to technical malfunctions, but then admitted that its systems had become the target of an electronic attack.
There have been reports in the country's press that the attack was launched by Iran using servers in the US and Europe. On May 9, Iran's largest commercial port, Shahid Rajaee near the Straits of Hormuz, was shut down as a result of a large-scale cyber attack. A Washington Post article attributed the attack to Israel, while the revelations were indirectly confirmed by the Chief of the General Staff of the Israeli Defense Forces, Aviv Kochavi, stating that "Israel will continue to act against its enemies with many different tools."
The first thoughts in the government and the EYP on shielding the critical government infrastructure for the possibility of an electronic war came in January when the Turks managed to shut down government websites, such as the Ministry of Foreign Affairs, the Ministry of Finance, the Parliament and even the Parliament itself. of the EYP.
The Turkish group "Anka Neferler" claimed responsibility for those attacks. In a Facebook post, she wrote: "Greece is threatening Turkey in the Aegean and the Eastern Mediterranean. "And now it threatens the Libyan conference." The attack did not cause damage to the computer systems of sensitive government agencies, but did alarm the government and the National Intelligence Service.
In the period that followed, there were discussions between EYP executives and the competent authority of the Ministry of Digital Policy in order to take immediate measures to strengthen cybersecurity. However, the spread of the coronavirus and the global health crisis "temporarily" "frozen" the developments.
According to information from "K", in the immediate future, the EYP, after consultation with the National Cybersecurity Authority, will begin vulnerability checks on ten "critical" government targets. Executives of the service with the help of specialized personnel will carry out virtual cyber attacks and attempts to infiltrate the computer systems of ministries and other government agencies.
The aim of the process is to identify and record problems that exist in two areas. The first concerns the security policy of the Organizations: Which employees have access to specific computers? Which computers or servers have security codes? How often do these codes change? The problems will be pointed out to the administrations of the Organizations so that they can be dealt with immediately as their "treatment" does not require money.
The second goal of the tests is to check if the servers, computers and programs they use can meet modern security requirements or need to be replaced. There is concern that due to the ten-year economic crisis in the country most of the systems are technologically obsolete and therefore vulnerable to cyber attacks.
As "K" had revealed in April 2019, the Maximos Palace, the Ministry of Foreign Affairs, the EYP and the Greek Police were targets of cyber espionage. According to cross-referenced information, the perpetrators had managed to gain access to the internal networks of the state services and to steal their e-mails. The attack was perceived due to a malfunction in the use of emails, while the audit revealed that the problem was due to a cyber attack against the Internet registry ending in .gr and .el, which is technically supported by the Research Technology Institute in Heraklion. Of Crete.
Vulnerability checks by the EYP will take about 10 months and will be limited to government services and structures. For the digital security of the Public Benefit Organizations, for example, such as PPC or EYDAP, the Directorate of Cyber Defense of the General Staff of National Defense (GEETHA) is responsible.
Exchange of "fire" from hackers
Following the cyber attacks last January, Turkish hackers "threw" on June 7 the website of the Municipality of Chalkidona, Thessaloniki. They changed the look of the front page and posted a photo of Kemal Ataturk with the slogan "Know your limits".
A group of Turkish hackers claiming to be "the Turkish cyber army" claimed responsibility for the attack. The idiosyncratic cyber war continued as the Anonymous Greece group attacked - in retaliation - the website of the Turkish Ministry of National Defense, shutting it down. "After an attack by Greece and specifically a municipality (something insignificant for us) from Turkey, we also attacked.
"The Turkish Ministry of National Defense is out," the members of the Greek team said in a post.