Internet banking has grown rapidly in Greece following the government’s introduction of capital controls in June, to curb a bank run that threatened a to bring down the financial system and force Greece out of the euro. More than 200,000 new internet back accounts have been registered since then, to facilitate customers making domestic transactions.
“These attacks are extremely serious but we were able to boost security and add capacity with the help of local internet service providers,” said one senior Greek banker.
Paul Vlissidis, technical director at cyber security group NCC, said the Armada Collective, which has carried out several attacks in recent months, attempts to extort money from businesses that are vulnerable to attack.
“In effect, they say: ‘Give us bitcoin or we will take you off the internet’,” he explained. “They claim to be able to do significant amounts of damage.” He added that the level of ransom demanded by the group – often the equivalent of only a few thousand pounds – was “targeted at a level where there’s a temptation just to pay it and make it go away”.
However, Mr Vlissidis said there was no way of proving that the new attackers are from the ‘Armada Collective’, or simply trying to imitate the group by using “a similar modus operandi”.
On Thursday, they demanded a ransom of 20,000 bitcoin from each of the three Greek banks, according to the central bank.
DDoS attacks are a rudimentary technique in internet terms, but can result in websites being offline for several hours – causing significant disruption to a bank or consumer business.
Several email providers have seen their services hit by hackers claiming to be from the Armada Collective group. In September, the Swiss government warned that the group was blackmailing local email providers.
ProtonMail, an encrypted email start-up set up by CERN researchers in Geneva, was hit earlier this month, while similar groups HushMail, VFEMail and RunBox were also targeted within days of the attacks.