By Marianas Kakaounakis

It was late last Sunday afternoon when an employee of the company "Fthiotiki Anπτυakis", which manages European programmes, opened her computer. Normally, as soon as she logs on to the Internet, her company's website automatically appears. But instead of seeing its logo, she saw the red flag of Turkey. At first she was surprised, checked that she had entered the correct e-mail address, tried to log in again. Nothing changed though and within seconds the national anthem of Turkey started playing. She immediately informed her manager and tried to get hold of someone from the technical company that had designed the website years ago.

"We no longer had a contract with them, but we thought it was a national issue, so we helped them," explains the technician who quickly identified the security hole that the Turkish hackers had found. He "took down" the website and at the same time tried to assess what kind of access they had gained.

At the same time, the same group had attacked at least four other Greek businesses, while another group, the "turk hack team", which had also "hit" various websites in the previous days, was uploading lists of personal data (mainly names and contact details of employees of some ministries and schools).

The Turkish hackers claimed that their actions were in retaliation for the recent border violation by the two Greek soldiers in Evros: "If Greece does not comply and stop violating our borders, then we will launch an unprecedented cyber attack," they warned.

"Digital Kolokotronis"

"Threats like these are nothing new," explains Theofanis Kasimis, head of a cybersecurity company in Athens. "All this is part of the well-known rivalry between Greek and Turkish hackers especially in times of diplomatic tension," he adds. He knows this well, because for years he has been operating, as he says, on the "other side" as a hacker. When he took his first steps in cyberspace at the age of thirteen, he watched with admiration the work of a then-famous hacker who hacked Skopje government pages.

Later, in times of tension with Turkey, he remembers well the attacks from both sides. "It wasn't that we were organizing and deciding who was going to hit what, it was just that someone felt like 'Digital Kolokotronis' and acted accordingly. The same thing is happening now," he explains.

Cyber attacks like these have been a frequent subject of study in recent years by the cybersecurity department of a major foreign investment bank. An executive agreed to talk to K, without his name being published, about some of the analysis he has done: "These attacks are carried out by ordinary citizens, young people with a particular affinity for computers and programming," he explained. "Almost always, they express their patriotic, nationalistic feeling. In other words, they are a kind of release and therefore they are usually not assessed as dangerous."

However, the Greek-Turkish cyber conflicts (as well as those of other states experiencing tension) are monitored by the same group for a series of reasons: "Although these hackers are theoretically independent, they can be used by their respective states, something that has been extensively observed in Russia." As an example, he mentions the cyber attack on the Qatari embassy in Cyprus about a year and a half ago. From the investigation conducted, it emerged that the hackers may have appeared as an independent Russian group, but it is more likely that they had support and instructions from the state. Their target was not the embassy but the Ministry of Foreign Affairs of Cyprus, which they eventually attacked through the embassy, aiming to gain access to the agreements that had been made at that time regarding research in the Cypriot EEZ.

"Such types of attacks, cyber espionage, and information gathering are always more intense during periods of crises, whether diplomatic or economic, and therefore countries like Greece require proper state-level preparation," he explains.

"The cyber warriors"

This is something that Rear Admiral (Ret.) Dionysis Antonopoulos was aware of and had started discussing with his colleagues in the Hellenic Navy as early as 1997. "Back then, however, cyber defense was seen as something exotic," he explains to "K" magazine. "Some countries had started to get involved, but it was still happening behind closed doors."

Finally, in 2000 they managed to set up a small cyber defence team. Their goal was to shield the Armed Forces and the Ministry of Defense from attacks. He retired 10 years later, but he had the pleasure of seeing that team grow (it is now part of the General Staff) and excel in difficult missions (in 2009, in a NATO exercise simulating cyber attacks, the team representing Greece came out on top). As he says, the Cyber Defence Directorate has now evolved into a truly powerful combat unit: "It's elite like the frogmen, it just uses a different kind of tools," he explains.

Even "innocent" hits need attention

Commodore (retired) Dionysis Antonopoulos continues to monitor cyber developments and having studied examples such as the cyber warfare that Estonia suffered in 2007, he is now well aware of the realistic risks: "It is certain that if Greece is ever involved in an armed conflict, cyber attacks will have preceded it in order to weaken coordination in the preparation and conduct of operations." Therefore, he believes that equal attention should be paid to all attacks, no matter how "innocent" they may seem. Similarly, he is well aware that in times of tension, an incident can easily occur due to an impulsive hacker: "What I fear is not so much the seriousness of a cyber attack but how the other side can exploit it communicatively and something relatively 'innocent' can suddenly turn into a major issue," he explains.