The Land Registry agency in Greece has faced a significant cybersecurity incident, experiencing a series of 400 cyberattacks over the past week. This surge in attacks targeted the agency’s IT infrastructure, leading to a data breach that exposed approximately 1.2 GB of information. While this amounts to only about 0.0006% of the agency’s total data, the breach is noteworthy due to its scale and the frequency of the attacks. The stolen data predominantly includes administrative documents, with no indications that personal information of Greek citizens has been compromised.
The attackers’ efforts included attempts to create a malicious user account to gain access to the agency’s central database. Fortunately, these attempts were unsuccessful, and no unauthorized access to the central database was achieved. A database backup, which is updated daily, was accessed, but the hackers’ attempt to exfiltrate the data to an external server was blocked. This rapid response highlights the agency’s effective containment measures, preventing a potentially more severe impact.
Following the breach, the Land Registry, in coordination with the Cybersecurity Directorate of the General Staff of National Defense, undertook immediate actions to fortify its defenses. All employee passwords have been reset as a precaution, and two-factor authentication has been mandated to enhance account security. Additionally, the agency has suspended all VPN access to block any ongoing malicious activities. These steps are part of a broader strategy to mitigate the risk of ransomware and other cyber threats.
Despite the breach, the Land Registry’s digital services have continued to function without interruption, and transactions with citizens have remained secure. The attack on the Land Registry is part of a troubling trend of cyber incidents affecting Greece’s critical infrastructure. Previous high-profile attacks include a ransomware attack on the state-owned postal service, ELTA, in 2022, and a breach of the country’s largest natural gas distributor, DESFA, involving the Ragnar Locker ransomware. These incidents underscore the ongoing challenges Greece faces in protecting its digital infrastructure from sophisticated cyber threats.
Reference:
