Cyber Incident Victim: Athens Stock Market
Date:
Jan 2020
Location:
Greece
Summary
A cyber-attack disrupted multiple Greek government and business entities, including the Athens Stock Market, Parliament, and National Intelligence Services, causing widespread website outages. The Turkish hacker group Anka Neferler claimed responsibility, citing retaliation over geopolitical disputes related to Mediterranean gas rights. Attackers employed Denial of Service (DoS) techniques, flooding networks with traffic that forced authorities to disconnect servers to limit damage; no data theft occurred. The Foreign Affairs outage impaired diplomatic communications, potentially affecting consular operations. In response, the hacktivist group Anonymous Greece targeted Turkish websites and emergency services. Investigations found no direct evidence linking the attackers to the compromised systems despite their public claims.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On January 17, 2020, multiple Greek government and business websites experienced disruptive cyber-attacks, leading to widespread outages. The affected entities included the Greek Parliament, Ministry of Foreign Affairs, Ministry of Finance, National Intelligence Services (EYP), Athens Stock Market, and several private businesses. A Turkish hacker group known as Anka Neferler claimed responsibility for the attacks, stating they were retaliation against Greece’s refusal to recognize a November 2019 agreement between Turkey and Libya establishing an economic zone in the Eastern Mediterranean gas market region. The attackers employed Denial of Service (DoS) techniques, flooding target networks with traffic to overwhelm systems and disrupt normal operations. Greek authorities detected the anomalous traffic surges and responded by proactively disconnecting servers to limit further damage. Despite these containment efforts, the Greek Parliament’s website remained offline due to the attack’s intensity. No evidence of data exfiltration or theft was identified during initial assessments.
The attacks caused immediate operational disruptions across critical services. The Ministry of Foreign Affairs outage impaired communication capabilities for Greek consulates and embassies abroad, with government sources anticipating prolonged logistical challenges in international coordination. The Athens Stock Market’s incapacitation temporarily halted financial transactions and market operations. In retaliation, a group identifying as Anonymous Greece launched counter-cyber-attacks against Turkish targets, focusing on email services, government VoIP systems, and Turkey’s ‘112’ emergency call number infrastructure. Greek investigators found no direct forensic evidence linking the initial attacks to Anka Neferler or other groups on compromised servers, despite the public claim of responsibility. Recovery efforts proceeded alongside an ongoing investigation into the attack’s origins and methods. The incident underscored the geopolitical tensions influencing cyber operations in the region, with direct impacts on governmental, financial, and emergency service infrastructures in both nations.