The state-owned provider of postal services in Greece, ELTA Hellenic Post fell victim to a ransomware attack recently.
The attackers exploited an unpatched vulnerability to drop malware that allowed them to access one workstation using an HTTPS reverse shell.
The attack disrupted country-wide mail posts, bill payments, and other financial transaction order services.
TPRM report: https://scoringcyber.rankiteo.com/company/elta_2
"id": "elt231322322",
"linkid": "elta_2",
"type": "Ransomware",
"date": "03/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'industry': 'Postal Services',
'location': 'Greece',
'name': 'ELTA Hellenic Post',
'type': 'Government'}],
'attack_vector': 'Unpatched Vulnerability',
'description': 'The state-owned provider of postal services in Greece, ELTA '
'Hellenic Post, fell victim to a ransomware attack recently. '
'The attackers exploited an unpatched vulnerability to drop '
'malware that allowed them to access one workstation using an '
'HTTPS reverse shell. The attack disrupted country-wide mail '
'posts, bill payments, and other financial transaction order '
'services.',
'impact': {'downtime': 'Country-wide disruption',
'operational_impact': 'High',
'systems_affected': ['Mail posts',
'Bill payments',
'Financial transaction order services']},
'initial_access_broker': {'backdoors_established': 'HTTPS reverse shell',
'entry_point': 'Unpatched Vulnerability'},
'motivation': 'Financial',
'post_incident_analysis': {'root_causes': 'Unpatched Vulnerability'},
'title': 'Ransomware Attack on ELTA Hellenic Post',
'type': 'Ransomware',
'vulnerability_exploited': 'Unpatched Vulnerability'}