ELTA

Hellenic Post, operating as ELTA, serves as Greece's national postal service, providing a range of essential communication and logistics services. Its core operations include traditional mail processing and delivery, bill payment processing, financial transaction handling, parcel tracking, and web-based labeling systems for customers. The organization functions as a public entity, underpinning both personal and commercial correspondence across the country. Its service portfolio indicates a role in critical national infrastructure, facilitating everyday financial and logistical needs for the Greek public and businesses. The incident overview confirms its function as a universal service provider, with the attack directly disrupting these fundamental postal and financial services. This positions ELTA as a key institution in Greece's economic and social framework, responsible for maintaining nationwide connectivity through physical and digital mail channels. The scope of the disruption, affecting mail processing and financial transactions, underscores its integrated role in handling diverse customer needs beyond simple letter delivery. Its services are inherently tied to public utility functions, suggesting a mandate to ensure reliable access across all regions. The existence of an unaffected Courier subsidiary further illustrates a structured operational model with specialized divisions for different service types. This structure allows for potential business continuity in specific segments during systemic crises, as evidenced during the ransomware incident.

The organization's operational scale and market reach are not explicitly quantified in the provided material, though its status as the public postal service implies a comprehensive national footprint. A defining attribute is its experience with a significant cyber incident in March 2022, where a ransomware attack exploited an unpatched vulnerability to deploy malware via an HTTPS reverse shell on a workstation. This attack caused widespread and indefinite outages, halting its core services and forcing the isolation of its primary data center. The response involved a massive inspection of over 2,500 computers to eradicate malicious payloads, highlighting the extensive nature of its IT estate. While no ransom demand was confirmed, the attackers' intent to encrypt critical operational systems was clear, demonstrating the organization's vulnerability to sophisticated threats targeting its operational technology. Authorities were notified, consistent with its role in national infrastructure. The incident's impact on customer data exposure remained unverified, but the prolonged service interruption directed customers to the separate Courier subsidiary for recovery, revealing a pre-existing structural contingency. This event underscores ELTA's position as a high-value target within the critical national infrastructure sector, where cyber disruptions have direct and severe consequences for public services and economic activity. The attack on its web labeling and tracking systems specifically targeted customer-facing digital platforms, indicating a focus on maximizing operational and reputational damage.