Greece-Turkey cyber war – Did the Turkish hackers get data? My article on his website Enikos.gr

For a few days until today, Greece receives an unstoppable cyber war from Turkish groups hacker Their aim is to target Greek state infrastructure. The tactics of these groups are well-known, as they take action whenever there is a diplomatic escalation between the two countries, defending Turkish interests online. The method is common: DDoS attacks.

What are Ddos Attacks

Attacks of this kind are very common since they don't require specialized equipment, only knowledge and coordination. A DDoS attack requires a number of computers and specific software programmed to "hit" a service and internet connection lines. It also requires a mechanism of coordination between the attack points, meaning different computers, programs, or even operators.

Attacks of this kind are usually carried out by groups of collaborators hacker These attacks aim for economic gain (e.g., receiving payment from the victim's competitors or extorting the victim for a ransom) or for activism and revenge purposes. In cases of activism (such as Anonymous), there are numerous individuals who coordinate through digital communication channels. In cases of economic motives, usually a small group exploits multiple real or virtual points in the network to launch their attack.

In essence, they create "fake" traffic - traffic on the website as a result of which the server cannot serve all this traffic and crashes.

Let me give you an example. On New Year's, we all exchange wishes among ourselves either through messages (SMS) or phone calls. You may have noticed that most of the time our provider cannot accommodate us, and the network goes down. Essentially, unintentionally, we have created a DDoS attack. The provider cannot handle all the requests simultaneously, resulting in the server going down for security reasons.

Is there any danger from these attacks?

There is no serious and immediate danger from these attacks. In reality, hackers launching such attacks cannot steal sensitive information that may be present on websites. All they manage to do is render the website and its services inactive for a short period of time.

However, indirectly, risks can be created if the attack is combined with mishandling or reactions from the recipient of the attack. For example, if the target of an attack disables a security measure it has in place in order to temporarily function without it, instead of remaining offline, they may create a vulnerability in their security and potentially face more severe consequences.

How are businesses protected?

Ddos Attacks have a serious advantage. They can be created at very low cost but require exorbitant amounts of money for someone to be able to protect themselves.

DDoS attacks are a common phenomenon on the internet, and for this reason, companies have taken measures to protect themselves. Some digital services have built-in mechanisms to defend against such attacks. However, the prevailing method of protection is the use of specialized network and application security products, which act as intermediaries between the digital services they offer and their visitors. These systems have mechanisms to prevent and detect attacks like DDoS, as well as countermeasures. Essentially, they can distinguish between malicious and legitimate use of a digital service and block the former without disrupting the latter. This approach not only protects business infrastructure from harm but also ensures uninterrupted delivery of digital services to customers.

Is there a connection between the Turkish attacks and the messages received by MPs with the well-known “Sextortion Scam” campaign?

What is a Sextotion Scam?

This word derives from the combination of the terms "sex," "text," and "extortion." It refers to the use of the World Wide Web by certain individuals with the ultimate goal of exerting power, exploiting, and demanding monetary sums from potential and unsuspecting victims. The process of deception and subsequent extortion involves distinct stages.

1. Approach

Through a social networking platform (such as Facebook, Skype, Instagram), the criminal approaches the potential victim by using a fake account (catfishing) where they maintain an attractive profile (man, woman, similar age, shared interests, etc.).

2. Relationship of Trust

In order for the victim to feel more comfortable and familiar with the perpetrator, it is common for there to be continuous communication for a long period of time in order to develop a relationship of trust, under the pretense of friendship, love, etc. This way, when the perpetrator makes any requests, the victim does not hesitate to fulfill them.

3. Acquisition of Material

After the relationship between the two parties is strengthened, the future blackmailer proceeds to demand material (images, videos, live chats) with sexual content. They record and store this material, now in their possession for future use.

4. Extortion

The perpetrator, having obtained the desired advantage over the victim, identifies what they want to gain from the act of sextortion (usually financial gains). The threats they can make typically involve public exposure in the media (in the case of scandals involving public figures) or disclosure to friends and social networks (in the case of underage individuals), forcing the victim to succumb to blackmail.

As can be seen, the consequences of this deception can be tragic for the person who is the victim, mainly on a psychological level. For this reason, it is necessary for both us and those around us (especially younger children and young people) to know the ways to avoid and protect ourselves from such criminal actions. Suggested ways are as follows:

– Accept friend requests on social networks only from people in our close family or friend circle.

– Avoid sharing material (photos, videos, etc.) with people we do not know very well

– Not sharing sensitive content through networking channels, even in a very close or friendly circle.

– Prevent downloading and opening links or files whose sender is unknown.

– Protection from unwanted surveillance by covering and deactivating the cameras of electronic devices (mobile phones, laptops) when we are not using them.

Even employees of the Parliament, parliamentary editors and MPs fell victim to the "Sextortion Scam" and pink blackmail.

I believe that these two attacks, DDoS Attacks and Sextortion Scam, are not related to each other. This is because Turkish hacker groups do not engage in tactics aimed at obtaining financial gains. Analyzing their profile over the years, their sole purpose has been reputation, creating movements of impressiveness around their name, presenting themselves as the best in the world in order to establish their status in the global hacking community and as the top hacking group within Turkey.