EYP: preparations for digital war

The National Intelligence Service is preparing for the possibility of large-scale electronic warfare. On the occasion of the tension in the region, it begins to shield critical government infrastructures from potential cyber attacksattacks.

According to information from "K", in the immediate future and for the coming months, the EYP will carry out vulnerability checks on a number of government targets, such as the Maximos Palace, the Presidential Palace and the Ministry of Finance.

Τα αποτελέσματα των τεστ (penetration tests) θα είναι απόρρητα και γι' αυτά θα ενημερωθεί αρχικά η ηγεσία της κυβέρνησης. Ανάλογα με τα ευρήματα θα υπάρξουν πρωτοβουλίες για την ενίσχυση της ψηφιακής better safetyof sensitive Organisations.

International developments, after all, reveal the growing use of electronic weapons in international conflicts and disputes between states. The recent conflict between Israel and Iran, although it went "small" due to the pandemic, is a revealing example.

At the end of April, there were serious malfunctions in the operation of Israel's water supply and sewerage systems. The competent national service of the country - the corresponding EYDAP - initially attributed the problem to technical malfunctions, but then admitted that its systems had become the target of an electronic attack.

There have been reports in the country's press that the attack was launched by Iran using servers in the US and Europe. On May 9, Iran's largest commercial port, Shahid Rajaee near the Straits of Hormuz, was shut down as a result of a large-scale cyber attack. A Washington Post article attributed the attack to Israel, while the revelations were indirectly confirmed by the Chief of the General Staff of the Israeli Defense Forces, Aviv Kochavi, stating that "Israel will continue to act against its enemies with many different tools."

The first thoughts in the government and the EYP on shielding the critical government infrastructure for the possibility of an electronic war came in January when the Turks managed to shut down government websites, such as the Ministry of Foreign Affairs, the Ministry of Finance, the Parliament and even the Parliament itself. of the EYP.

The Turkish group "Anka Neferler" claimed responsibility for those attacks. In a Facebook post, she wrote: "Greece is threatening Turkey in the Aegean and the Eastern Mediterranean. "And now it threatens the Libyan conference." The attack did not cause damage to the computer systems of sensitive government agencies, but did alarm the government and the National Intelligence Service.

In the period that followed, there were discussions between EYP executives and the competent authority of the Ministry of Digital Policy in order to take immediate measures to strengthen cybersecurity. However, the spread of the coronavirus and the global health crisis "temporarily" "frozen" the developments.

Record problems

According to information from "K", in the immediate future, the EYP, after consultation with the National Cybersecurity Authority, will begin vulnerability checks on ten "critical" government targets. Executives of the service with the help of specialized personnel will carry out virtual cyber attacks and attempts to infiltrate the computer systems of ministries and other government agencies.

The aim of the process is to identify and record problems that exist in two areas. The first concerns the security policy of the Organizations: Which employees have access to specific computers? Which computers or servers have security codes? How often do these codes change? The problems will be pointed out to the administrations of the Organizations so that they can be dealt with immediately as their "treatment" does not require money.

The second goal of the tests is to check if the servers, computers and programs they use can meet modern security requirements or need to be replaced. There is concern that due to the ten-year economic crisis in the country most of the systems are technologically obsolete and therefore vulnerable to cyber attacks.

As, after all, "K" had revealed in April 2019, the Maximos Palace, the Ministry of Foreign Affairs, the EYP and the Hellenic Police were targets of cyberespionage. According to cross-referenced information, the perpetrators had managed to gain access to the internal networks of government agencies and intercept their electronic mail. The attack was detected due to a malfunction in the use of emails, while the audit revealed that the problem was due to a cyber attack against the Internet registry with the suffix .gr and .el, whose technical support is provided by the Research Technology Foundation in Heraklion, Crete.

Vulnerability checks by the EYP will take about 10 months and will be limited to government services and structures. For the digital security of the Public Benefit Organizations, for example, such as PPC or EYDAP, the Directorate of Cyber ​​Defense of the General Staff of National Defense (GEETHA) is responsible.

Exchange of "fire" from hackers

Following the cyber attacks of last January, Turkish hackers "dropped" on June 7 the by clicking here of the Chalkidonos Municipality of Thessaloniki. They changed the look of the front page and posted a picture of Kemal Atatürk with the slogan "Know your limits".

Την ευθύνη για την επίθεση ανέλαβε μια ομάδα Τούρκων χάκερ που υπογράφει ως «ο κυβερνοστρατός της Τουρκίας». Ο ιδιότυπος ηλεκτρονικός πόλεμος συνεχίστηκε, καθώς η ομάδα Anonymous Greece επιτέθηκε –ως αντίποινα– στην ιστοσελίδα του τουρκικού υπουργείου Εθνικής Αμυνας, θέτοντάς τη εκτός λειτουργίας. «Επειτα από επίθεση που δέχτηκε η Ελλάδα και συγκεκριμένα ένας δήμος (κάτι αsignaldo for us) from Turkey, we also went on the attack.

"The Turkish Ministry of National Defense is out," the members of the Greek team said in a post.

kathimerini.gr