Cyber Incident Victim: Greek Fire Service
Date:
Jan 2020
Location:
Greece
Summary
A distributed denial-of-service (DDoS) attack disrupted multiple Greek government websites, including those of the prime minister, national police, fire service, and key ministries, causing operational malfunctions. This incident followed a prior cyberattack claimed by Turkish hacker group Anka Neferler Tim, which hijacked parliamentary, ministerial, and stock exchange sites for over 90 minutes in retaliation against Greece's geopolitical stance toward Turkey in the Aegean Sea and eastern Mediterranean. The recent attacks coincided with heightened regional tensions after Athens hosted Libyan military commander Khalifa Haftar and preceded a Berlin peace conference on Libya from which Greek representatives were excluded. Both incidents targeted critical digital infrastructure amid diplomatic disputes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 23, 2020, multiple Greek government websites experienced distributed denial-of-service (DDoS) attacks that disrupted public access to critical online services. The incident impacted official domains belonging to the Prime Minister's office, the ministries of public order, interior, foreign affairs, and merchant marine, alongside the Greek Police and Fire Service portals. Government spokesman Stelios Petsas publicly acknowledged the cyberattack, confirming that the coordinated DDoS campaign caused technical malfunctions rendering these websites intermittently inaccessible during late Thursday operations. This marked the second major disruption within a week, following a separate cyber incident targeting government infrastructure and the Athens Stock Exchange days earlier. No data breaches or system compromises were reported from this DDoS event, which primarily degraded availability through overwhelming traffic volumes rather than exploiting vulnerabilities for unauthorized access.
The Turkish hacker collective Anka Neferler Tim claimed responsibility for the prior attack through Facebook posts, alleging they hijacked parliamentary, foreign affairs, and economy ministry websites for over 90 minutes. Their stated motivation cited geopolitical tensions, specifically accusing Greece of threatening Turkey's interests in the Aegean Sea, eastern Mediterranean, and Libya policy discussions. This cyber activity coincided with diplomatic developments surrounding Khalifa Haftar's visit to Athens preceding the Berlin peace conference on Libya, where Greek representatives were excluded despite the attendance of Libyan faction leaders. The timing suggests potential retaliation for Greece's regional positioning, though no group publicly affiliated itself with the January 23 DDoS attacks targeting emergency services and core government platforms. Service restoration efforts commenced promptly, though technical specifics regarding mitigation strategies or traffic sources remained undisclosed by authorities.