The cyberattack on the Subject Bank of the Institute for Educational Policy has once again brought the issue of cybersecurity to the forefront in Greece. According to the data that have become known at the moment, Theme Bank infrastructure was subjected to a two-day DDoS (Distributed Denial of Service) cyber attack. Essentially, this type of attack aims to artificially overload the network, causing it to slow down or stop working. Let’s imagine hundreds of people bursting into a department store at the same time and demanding to be served, effectively blocking the customer service process. This is exactly what a DDoS attack does on a digital network providing a service, and the “clients” are well-known bots or botnets, an abbreviation for the word “robot”, that is, an automated program that performs predetermined actions and pretends to be a user. This is also the reason why we often encounter tabs that try to determine that the user is not a bot.
The attack on Theme Bank appears to have been coordinated, with 165,000,000 base hits counted, with bots spread across 114 countries. This does not necessarily mean that devices from 114 countries were involved, as these programs often use forks to exchange spots, etc.
It is logical that different questions arise. This is not the first time Greece has faced a cyberattack on a public network. A typical case is the attack on ELTA in March 2022, which belongs to the Ransomware category, i.e. blocking data for the purpose of demanding a ransom. But they are not the only ones. Both Greece and all countries in the world face a high volume of cyber attacks on a daily basis, mainly DDoS and ransomware being the most common, the vast majority of which they face, so there is no publicity. If we look at the reports of European services and international organizations, we find that cyber attacks are a daily battle for all countries.
A lot of progress has been made in a few years, and today Greece has an integrated cybersecurity ecosystem. However, much remains to be done.
However, these attacks are carried out not only against public services, but also against companies and even individuals. A DDoS attack can target anything from an online banking system to an online food ordering platform to social media. While the simplest form of ransomware attack is carried out against a person when, by blocking his computer, they ask for a certain amount of money in return.
The situation becomes more complicated when we discuss who can and does such attacks and why. This is a real Lernean hydra. Individual hackers, cyberactivist groups, cybercriminals who use their services, and state-specific parastatal and government agencies. For example, from Anonymous to Mustang Panda, the Chinese cyber group or Killnet, who are the most experts in the field of DDoS attacks and work in the interests of Russia, are behind such an attack. After all, cyberattacks are an integral part of the hybrid doctrine of war and operations, which in recent years has been the main strategy of Russia.
Thus, the threat is complex and characterized by a large scale and intensity of action. This is also the reason why cybersecurity has been a major concern of states in recent years. Greece, unfortunately, is one of the countries that are far behind in the race for cybersecurity. In recent years, and especially since 2020, we have been running to close the lost positions, which actually creates vulnerabilities. It was only in October 2019 that we received a national list of critical digital infrastructures. For critical infrastructures outside the digital space, we have no equivalent, although they all operate in the digital domain. A lot of progress has been made in a few years, and today Greece has an integrated cyber security ecosystem (Ministry of Digital Governance, EYP, Cybercrime Authority, Cyber Defense Authority). However, much remains to be done, even mainly by the providers and operators of infrastructure and services. Protective measures, security plans, first responders, etc. However, unfortunately, during the pre-election period, cybersecurity failed to find the place that we should give it.
Mr. Triantafyllos Karathrantos is a PhD in European Security and Emerging Threats and Chief Scientist at ELIAMEP.
Source: Kathimerini
Ashley Bailey is a talented author and journalist known for her writing on trending topics. Currently working at 247 news reel, she brings readers fresh perspectives on current issues. With her well-researched and thought-provoking articles, she captures the zeitgeist and stays ahead of the latest trends. Ashley’s writing is a must-read for anyone interested in staying up-to-date with the latest developments.