Cyber Incident Victim: Εθνική Υπηρεσία Πληροφοριών (ΕΥΠ)
Date:
Jan 2020
Location:
Greece
Summary
A cyber-attack disrupted multiple Greek government websites, intelligence services, and businesses, causing widespread outages through denial-of-service techniques. Turkish hacker group Anka Neferler claimed responsibility, citing retaliation over geopolitical disputes in the Eastern Mediterranean. The attacks forced authorities to disconnect servers to mitigate damage, with the parliament site remaining offline and foreign affairs disruptions potentially hindering diplomatic communications. No data theft occurred. In response, the group Anonymous Greece targeted Turkish entities, compromising email services, government VoIP systems, and emergency call infrastructure. Investigations are ongoing, though no direct evidence linking the attackers was found on affected servers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On January 17, 2020, multiple Greek government and business websites experienced disruptive cyber-attacks, leading to widespread outages. The affected entities included the Greek Parliament, Ministry of Foreign Affairs, Ministry of Finance, National Intelligence Services (EYP), Athens Stock Market, and several private businesses. A Turkish hacker group known as Anka Neferler claimed responsibility for the attacks, citing retaliation against Greece’s refusal to recognize a November 2019 bilateral agreement between Turkey and Libya establishing an economic zone in the Eastern Mediterranean. The attackers employed Denial of Service (DoS) techniques, overwhelming targeted networks with traffic to disrupt normal operations. Greek authorities detected the anomalous traffic and disconnected servers to mitigate further damage, though the Parliament’s website remained offline due to the attack. No data exfiltration or theft was reported. Media outlets in both Greece and Turkey extensively covered the incident, amplifying its geopolitical context amid regional tensions over energy resources.
The attacks had immediate operational consequences, particularly for Greece’s diplomatic functions. The Greek City Times reported that the Foreign Affairs Ministry’s outage impaired consulates and embassies’ ability to communicate externally, projecting disruptions for weeks. In response, a group identifying as Anonymous Greece launched retaliatory cyber-attacks against Turkish targets, compromising email services, government VoIP systems, and Turkey’s ‘112’ emergency call number infrastructure, as documented by Neos Kosmos. Greek government sources confirmed the DoS methodology but noted no forensic evidence directly linking Anka Neferler to the attacks was found on compromised servers. Investigations remained ongoing, with no public attribution beyond the group’s claim. The incident underscored the interconnected nature of cyber-conflict in regional disputes, with digital disruptions directly impacting governmental operations and cross-border communications.