Technology

Greek firms scan computer systems as Iran war raises cyberattack risks, sources say

By Renee Maltezou and Yannis Souliotis
3D printed models of people working on computers and padlock are seen in front of a displayed "cyber security" words and binary code in this picture illustration taken, February 1, 2022. REUTERS/Dado Ruvic/Illustration

ATHENS, March 18 (Reuters) - Greek shipowners and other companies are scanning their computer systems ⁠for evidence of cyberattacks after advice from the National Cybersecurity Authority, two sources ‌said on Wednesday following incidents that have been linked to the Iran war.

The authority last week sent an advisory, seen by Reuters, to security officers of shipping companies, banks and firms in the transport, telecommunications, health ​and energy sectors, a source at the authority said, ⁠adding that the move was pre-emptive.

An ⁠Iranian-linked hacking group claimed responsibility on March 11 for a cyberattack on U.S.-based medical device ⁠and ‌services provider Stryker, according to messages posted to the group's Telegram channel.

Albania has also confirmed a cyberattack on the digital infrastructure of its parliament last week ⁠that local media said was by the Iran-linked, self-styled "Homeland Justice" ​group.

GREEK ADVISORY URGES SCANS

The ‌Greek advisory, marked "high-priority", urged firms to perform the scans and inform security officers ⁠of a confirmed ​incident that affected a "large international organisation" abroad. It did not name it.

It listed indicators of possible compromise, including IP addresses, tools and malware, such as the VShell Remote Access Trojan. Anyone finding evidence ⁠of attack should immediately review their systems and ​block those IPs, it said.

Two separate sources said at least two shipping companies have received the warning. Electronic interference with commercial ship navigation systems has surged in recent days around the ⁠Strait of Hormuz and the wider Gulf.

All the sources asked not to be named because they were not authorised to speak to the media.

The first two said Greece had yet to find evidence of a significant attack, although one of them said "some sort of activity" ​had been tracked.

The Greek advisory said an investigation into the ⁠confirmed incident had pointed to an unidentified, sophisticated threat actor using two layers of infrastructure ​to scan activity, attempt unauthorised access, host malware or ‌run command-and-control mechanisms and avoid being traced.

The second ​source said that some of the IP addresses listed in the Greek advisory originated from Iran.

(Additional reporting by Fatos Bytyci in Pristina; Editing by Barbara Lewis)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
Disney's new CEO Josh D'Amaro steps up for a wild ride
His father lost his life’s savings in a scam. A fake lawyer offered to help.
Samsung Elec and AMD sign MoU on AI memory, explore foundry partnership
AirPods Max 2:�What's new in Apple's latest headphones?
Meta to shut down virtual reality experience of Horizon Worlds
Xbox opens Starfield to PlayStation gamers in further blow to exclusivity
Exclusive-Meta vowed to stop illegal financial ads in Britain. It failed 1,000 times in a week
Poco X8 Pro Series debuts in Malaysia, priced from RM1,499
Greece is preparing social media ban for children under 15
Microsoft considers legal action over $50 billion Amazon-OpenAI cloud deal, FT reports

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.