More than 800 services of Greece’s Gov.gr and TAXISnet, as well as medical prescriptions, were frozen by an unprecedented DDoS attack. The cyber attack reportedly came from the Netherlands.
One of the biggest cyber attacks to hit Greece took place on Friday morning against the information systems of the Ministry of Digital Governance, centreed on TAXISnet, whose operation was “blocked” for over 48 hours.
It was an unprecedented DDoS type attack, which according to sources, came from the Netherlands. The unknown cyber-criminals attempted to temporarily “down” or even completely stop the operation of approximately 800 Government websites.
Hundreds of Gov.gr services now operate with the use of TAXISnet codes, as well as the authentications for services of banking institutions.
Among the problems caused, was to knock out electronic prescriptions. Doctors could only prescribe in handwriting on the weekend in emergencies, while on-call pharmacies could not fill emergency prescriptions. Not even hospital doctors could prescribe to patients who came to emergency rooms.
During DDoS attacks, as competent IT technicians explained to TA NEA newspaper, a series of bots or botnets flood a Web site or service with HTTP requests, interrupting data transmission between hosts.
Essentially, multiple computers attack a computer at a certain time (for some minutes, hours or even days), blocking its use by legitimate users. This results in the service being slow to respond or not working at all for a period of time.
Also, during an attack, it is possible for attackers to penetrate the database of the affected computer-systems, gaining access to all kinds of sensitive information.
That is, DDoS attacks can exploit security vulnerabilities and target any endpoint that is publicly accessible over the Internet. So-called “denial of service attacks” (DDoS) can last hours or even days.
Competent sources reported to NEA, that during the attack on the information systems of the Ministry of Digital Governance, the operation of more than 800 State websites connected to them was “blocked”. The specific websites were either unable to “open” or their “opening” was very slow.
The National Cybersecurity Authority was immediately called in, with IT technicians racing until Sunday night to restore the websites with the help of OTE technicians (it’s the telecommunications provider of the State, through which the websites operate and the servers of various services and organisations).
It is typical, that in order to stop the attacks of the unknown attackers, the technicians did Geoblocking (geographic blocking) throughout the Netherlands, because they found that the “blocking” of the Government websites came from the Netherlands, where the Azure network also “hit” Microsoft.
As of Sunday afternoon, about 600 websites had been “cleaned up” and were allowed access again after initializing settings.