Hellenic Post said it was resuming operations after a serious cyber-attack in late March brought down the computer systems with use of malware.
Hellenic Post, ELTA, announced on Wednesday that it had restarted the system that enables objects and items to be sent abroad after a cyber-attack brought the computers down.
Days before, financial services and the sending of simple correspondence were also re-activated. The suspension of these operations, among other things, has caused delays in the payment of pensions.
After the cyber-attack in March brought down the ELTA computer systems, the company isolated the entire data centre and temporarily suspended the commercial information systems of all post offices.
The cyber-attack, aimed at crippling the operations of ELTA, started from malicious zero-time software, which was installed on a workstation and, with the ‘HTTPS reverse shell technique”, connected to a computer system controlled by the cyber group, said ELTA.
Kathimerini newspaper also reported that the hackers used ransomware – nowadays the most common form of corporate cyberattacks. Most times, the victim receives a phishing email including a malicious link or is infected with a ransomware attachment.
“This specific malware, when executed, encrypts part of the victim’s hard drive and, in order for the victim to receive the decryption key and retrieve the data, a ransom must be paid to the attacker,” Dimitris Aretis, Senior Manager EY Cybersecurity Consulting, told BIRN.
“Bitcoin or other cryptocurrencies is used as the form of payment as it provides anonymity to the attacker and makes the transfer of funds untraceable,” he added.
US President Joe Biden on March 22 warned US companies of potential Russian cyber-attackers. But a source from ELTA told BIRN that Russian hackers were not involved in this case.
The Communications Privacy Protection Authority, ADAE, which is responsible for the criminal investigation of the case, declined to comment to BIRN on the issue.
On January 17, two hospitals in the Attika region, Sotiria and Asklipieio Voulas, fell victim of cyber blackmailers who used the same type of ransomware.
Panagiotis Stathis, chief of the 1st Health District of Attica, told BIRN that the hackers attacked the servers of the hospitals. The hackers did not get access to patients’ personal health data but only to the hospitals’ invoices and visitors. Sources told BIRN that the investigation into these cases is still ongoing.