Postal service

Greek National Postal Service restores systems after ransomware attack

Greece’s national postal service, ELTA, said it was in the process of fully restoring its systems following a ransomware attack that took place on Sunday evening.

ELTA – also known as Hellenic Post – said in a statement Thursday that the “full restoration of the company’s systems is progressing according to its plan”.

“As of today, Thursday March 24, ELTA branches will now provide financial services, including the collection of invoices, the sending of simple mail, small parcels and the sale of philatelic products”, specified the ‘organization.

“In addition, ELTA Courier will ship parcels abroad. ELTA also informs the public that starting next Monday, March 28, pension payments will be paid nationwide, based on their estimated payment deadlines. ELTA will continue to report responsibly on the progress of the comprehensive rehabilitation plan and related works.

ELTA released several updates on the situation after Monday report that it was struggling to cope with a ransomware attack they discovered on Sunday evening. Officials immediately notified law enforcement and hired a computer security firm to assist with the recovery process.

They isolated all ELTA data centers and suspended business information systems in all post offices.

The service is the nation’s largest retail and logistics network, with approximately 7,000 employees and more than 1,400 physical locations.

By Tuesday, ELTA provided more information on what happened, explaining that the attackers sought to encrypt their systems by installing ransomware on a workstation using an “HTTPS reverse shell technique”. ELTA said the threat actors managed to exploit an unpatched vulnerability during the attack.

“In order to solve this technically difficult project, more than 2,500 terminal systems were examined one by one for IT security reasons, while agent programs were also installed,” they said.

“[On] On Tuesday, March 22, mail and parcel delivery will take place as normal, but stores will not service bill collection, mail dispatch and financial services. However, all of these functions, with the exception of financial functions, will normally be performed by ELTA Courier, as this event is unrelated to its operation.

The Greek media Kathimerini announced Wednesday that the Communications Privacy Protection Authority (ADAE) requested a report on the attack, but security officials told them that no sensitive data had been breached.

Dozens of people came to the the organization’s Facebook page to report issues with a wide variety of services throughout the week.

ELTA did not respond to requests for comment on access to customer data during the attack.

Jonathan has worked around the world as a journalist since 2014. Before returning to New York, he worked in South Africa, Jordan and Cambodia.