Cyber ​​attack targets 800 services of Greece’s Gov.gr and TAXISnet – Medical prescriptions frozen

One of the biggest cyberattacks to hit Greece took place on Friday morning against the information systems of the Ministry of Digital Governance, centered on TAXISnet, whose operation was “blocked” for over 48 hours!

It was an unprecedented DDoS type attack, which according to authoritative sources came from the Netherlands and through which the unknown cybercriminals attempted to “down” temporarily or even completely stop the operation of approximately 800 Government websites. It should be noted that hundreds of Gov.gr services now operate with the use of TAXISnet codes, as well as the authentications for services of banking institutions.

Among the problems caused, was to knock out electronic prescriptions! Doctors could only prescribe in handwriting on the weekend in emergencies, while on-call pharmacies could not fill emergency prescriptions. Also, not even hospital doctors could prescribe to patients who came to emergency rooms.

During DDoS attacks, as competent IT technicians explained to NEA newspaper, a series of bots or botnets flood a Web site or service with HTTP requests, interrupting data transmission between hosts. Essentially, multiple computers attack a computer at a certain time (for some minutes, hours or even days), blocking its use by legitimate users. This results in the service being slow to respond or not working at all for a period of time.

Also, during an attack, it is possible for attackers to penetrate the database of the affected computer-systems, gaining access to all kinds of sensitive information. That is, DDoS attacks can exploit security vulnerabilities and target any endpoint that is publicly accessible over the Internet. So-called “denial of service attacks” (DDoS) can last hours or even days.

Competent sources reported to NEA, that during the attack on the information systems of the Ministry of Digital Governance, the operation of more than 800 State websites connected to them was “blocked”. The specific websites were either unable to “open” or their “opening” was very slow.

The National Cybersecurity Authority was immediately called in, with IT technicians racing until Sunday night to restore the websites with the help of OTE technicians (it’s the telecommunications provider of the State, through which the websites operate and the servers of various services and organizations).

It is typical, that in order to stop the attacks of the unknown attackers, the technicians did Geoblocking (geographic blocking) throughout the Netherlands, because they found that the “blocking” of the Government websites came from the Netherlands, where the Azure network also “hit” Microsoft.

As of yesterday afternoon, about 600 websites had been “cleaned up” and were allowed access again after initializing settings.