Cyberattack in Thessaloniki

By Stefanos Kytanis March 28, 2023

Five years ago the security of the digital infrastructures of the organisations was not even an object of discussion. Most though of security as a store room with a lock on the outside, a back-up external drive, that usually remained connected on the server, and an antivirus that in most of the cases was a free one.

It comes without saying that file sharing policies, back-up check in portable devices, active directory, firewall, certified connection of the users in the internet, GDPR, website access restrictions and in everything that we today consider digital security. All of the above though, change for the best in the past few years. The Covid era was a milestone in this process as the safe remote access to the information systems became a non-negotiable necessity.

Citizens’ and companies’ need to be served and to serve remotely brought about questions on the security of the transactions. It became then more apparent than ever that security is of maximum importance and lays in many levels. It is also rather complex and may hide many dangers when approached in a wrong way and applied by non specialised scientific personnel. A few incidents that made it to the news made the citizens, the organisations and the companies more insecure. One can find many articles on the cyber-attack that took place on the 22nd July 2021 to the Thessaloniki’s (Greece) City Hall servers and allowed the perpetrators to take into their possession and leak in the dark web financial reports, property top views, legal documents, reports on elections, mails, documents on employees, but also some information about the former Mayor of Thessaloniki, Giannis Mpoutaris, and in particular a copy of his passport and a copy of his payroll slip. No one knows if more personal information were stolen, as the hackers chose to publish only the particular 50 files in pdf form, of a total size 91.9MB.

The data concerned older years, up to 2016, and the hackers blackmailed the Municipality of Thessaloniki, in order to extract money, as it is usually the case in the ransomware cyber-attacks, resulting in non-accessible by anyone, encrypted data. The electronic system was out of order for many days, many electronical files were lost, the Citizens’ Registry and the Financial Services, with which the professionals interact, had been put out of system and for another 2,5 months later, some services had still not fully returned to the previous state.

Another portal that was very important was the GIS which was rather useful and important for the technical departments of the Municipality and the citizens and engineers alike. Two more attempts were made, luckily without success. The first one on the 29th September and the second one on the 30th of the same month. The cyber-attack was noticed at once and the authorities of the Municipality notified the respective Police Department against Cyber Crime.

The first cyber-attack was the cause for the better electronical protection systems which functioned effectively and prevented the hackers from infiltrating the information systems of the Municipality. Unfortunately, sometimes it takes similar unfortunate events to raise awareness. Here is to hoping that the aforementioned incident it will prevent many worse cases.

Author: Stefanos Kytanis, Sales Manager, OTS SA

List of References Voria.gr, 2021: https://www.voria.gr/article/nea-dipli-kivernoepithesi-dechthike-o-dimos-thessalonikis Ethnos.gr, 2021: https://www.ethnos.gr/greece/article/168824/kybernoepitheshstodhmothessalonikhsdierreysandedomenatoympoytarh