Cyber Incident Victim: Hellenic Parliament
Date:
Jan 2020
Location:
Greece
Summary
A cyber-attack disrupted multiple Greek government entities and businesses, including the Parliament, Ministries of Foreign Affairs and Finance, National Intelligence Services, and the Athens Stock Market. Turkish hacker group Anka Neferler claimed responsibility, citing retaliation for Greece's rejection of a Turkey-Libya economic agreement. The attackers employed Denial of Service (DOS) techniques, overwhelming servers and forcing authorities to disconnect systems to limit damage; no data theft occurred but critical services experienced outages. The Foreign Affairs disruption hindered diplomatic communications internationally. In response, hacktivists identifying as Anonymous Greece targeted Turkish websites, impacting email services, government VoIP systems, and emergency call infrastructure. Investigations into the incident remain ongoing.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On January 17, 2020, multiple Greek government and business websites experienced disruptive cyber-attacks, resulting in widespread outages. Affected entities included the Greek Parliament, Ministry of Foreign Affairs, Ministry of Finance, National Intelligence Services (EYP), Athens Stock Market, and several unspecified Greek businesses. The Turkish hacker group Anka Neferler claimed responsibility, stating the attacks were retaliation for Greece’s refusal to recognize a November 2019 bilateral agreement between Turkey and Libya establishing an economic zone—a point of contention in Eastern Mediterranean gas market disputes. Attackers employed Denial of Service (DoS) techniques to overwhelm target networks with traffic, disrupting normal operations. Greek authorities detected the anomalous traffic surges and proactively disconnected servers to limit damage, though the Greek Parliament’s website remained offline following the attack. No evidence of data exfiltration or theft was reported. Media outlets in both Greece and Turkey extensively covered the incident, amplifying its geopolitical visibility.
The attacks caused immediate functional disruptions, with the Ministry of Foreign Affairs outage particularly impacting international communications channels for Greek consulates and embassies, potentially hindering diplomatic operations for weeks. In response, the hacktivist group Anonymous Greece launched retaliatory cyber-attacks against Turkish targets, compromising email services, government VoIP systems, and Turkey’s national ‘112’ emergency call number infrastructure. Greek government sources confirmed the DoS methodology but noted no forensic traces identifying the attackers were found on compromised servers despite Anka Neferler’s public claims. Investigations remained ongoing at the time of reporting, with no additional technical details about attack vectors or infrastructure released. The incident underscored tensions in regional diplomacy while highlighting vulnerabilities in critical government digital services.