On Sunday 20th of March 2022, ELTA, the state-owned provider of postal services in Greece suffered ransomware attack which has resulted in most of the organization’s services being taken offline. ELTA disclosed the incident on Monday 21st of March 2022 where they stated the cause of the disruption to their services was in response to a cyber-attack that occurred on Sunday 20th of March 2022 and they also stated that they have informed all the relevant government authorities as well as working with third party cybersecurity companies.
ELTA released a further announcement on Tuesday 22nd of March 2022 where they shared more details about the incident. And it has been determined by their IT teams that the threat actors exploited an unpatched vulnerability to drop malware that allowed access to one workstation using an HTTPS reverse shell. The investigation conducted by ELTA also concluded that the goal of the cyberattack was to encrypt critical systems although ELTA hasn’t disclosed if there is a ransom demand or which threat actors are responsible for the incident.
© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.