EYP is preparing for a future cyber war: The National Intelligence Service is preparing for the possibility of a large-scale electronic war. Due to the tension in the region, it is starting to shield critical government infrastructure from possible ones cyber attacks. According to information from "K", in the immediate future and for the next few months, the EYP will conduct vulnerability checks on a number of government targets, such as the Maximos Palace, the Presidential Palace and the Ministry of Finance. Test results (penetration tests) will be confidential and the government leadership will be informed about them first. Depending on the findings, there will be initiatives to enhance the digital security of sensitive organizations. International developments, moreover, reveal the growing use of electronic weapons in international conflicts and disputes between states. The recent clash between Israel and Iran, although "minor" due to the pandemic, is a revealing example.
In late April, there were serious irregularities in the operation of Israel's water and sewerage systems. The country's relevant national service - the corresponding EYDAP - initially attributed the problem to technical malfunctions, but later admitted that its systems had been targeted. electronic attack. There were reports in the country's press that Iran had launched the attack using servers in the United States and Europe. On May 9, Iran's largest commercial port, Shahid Rajaee, near the Straits of Hormuz, was shut down as a result of a large-scale cyber attack. A Washington Post report attributed the attack to Israel, and the revelations were indirectly confirmed by the head of Israel's General Staff of Defense, Aviv Kotsav, stating that "Israel will continue to act against its enemies with many different tools."
In the government and the EYP, the first thoughts on arming critical government infrastructure on the possibility of an electronic war were made in January when Turks managed to shut down government websites, such as the foreign ministry, finance ministry, parliament and even itself. of EYP. The Turkish team claimed responsibility for the attacks.Anka Neferler». In a post on Facebook, she wrote: "Greece threatens Turkey in the Aegean and the Eastern Mediterranean. And now it threatens the Libyan conference. " The attack did not damage the computer systems of sensitive government agencies, but it did alarm the government and the National Intelligence Service. In the period that followed, there were discussions between EYP executives and the competent authority of the Ministry of Digital Policy in order to take immediate measures to strengthen cybersecurity. But the spread of the corona and the global health crisis have only temporarily "frozen" developments.
According to information from "K", in the near future, the EYP, in consultation with the National Cybersecurity Authority, will begin vulnerability checks on ten "critical" government targets. Officials of the service with the help of specialized personnel will carry out virtual electronic attacks and attempts to infiltrate the computer systems of ministries and other government agencies. The aim of the process is to identify and record problems that exist in two areas. The first concerns the security policy of the Organizations: Which employees have access to specific computers? What computers or servers do they have? security codes; How often do these codes change? The problems will be pointed out to the administrations of the Organizations so that they can be treated immediately as their "treatment" does not require money.
The second goal of the tests is to check if the servers, computers and the programs they use can meet modern security requirements or need to be replaced. There are concerns that due to the country's ten-year economic crisis, most of the systems are technologically outdated and therefore vulnerable to cyberattacks.
As "K" revealed in April 2019, the Maximos Palace, the Ministry of Foreign Affairs, the EYP and the Greek Police were the targets of cyber espionage. According to cross-referenced information, the perpetrators had managed to gain access to the internal networks of the state services and steal their e-mail. The attack was noticed due to a malfunction in use of emails, while the audit revealed that the problem was due to a cyber attack against the Internet registry with the suffix .gr and .el, whose technical support is provided by the Research Technology Foundation in Heraklion, Crete.
Vulnerability checks by the EYP will take about 10 months and will be limited to government services and structures. For the digital security of the Public Benefit Organizations, for example, such as PPC or EYDAP, the Directorate of Cyber Defense of the General Staff of National Defense (GEETHA) is responsible.
Exchange of "fire" from hackers
Following the cyber attacks of last January, Turkish hackers "threw" on June 7 the website of the Municipality of Chalkidona Thessaloniki. They changed the look of the front page and posted a photo of Kemal Ataturk with the slogan "Know Your Limits". A group of Turkish hackers, who sign the "Turkish cyber army", claimed responsibility for the attack. The peculiar electronic warfare continued as the Anonymous Greece team attacked - as retaliation - the website of the Turkish Ministry of National Defense, putting it out of operation. "After an attack by Greece and specifically a municipality (something insignificant for us) by Turkey, we also attacked. The Turkish Ministry of National Defense is out ", the members of the Greek team said in a post.