The Greek National Intellegence Service (EYP) is enhancing its cybersecurity units with the creation of a new cybersecurity center which will be tasked with monitoring, detecting and responding to cyber threats and security breaches of the country’s digital infrastructure.
The new cybersecurity unit, named as Security Operation Center (SOC), will start to operate on a 24/7 basis from September, sources told Greek state news agency AMNA.
The news come weeks after the European Parliament urged Greece to take measures to curb spyware abuse and ensure its use is ‘proportional’ and in line with EU law, in the aftermath of last year’s wiretapping scandal which brought unwanted international attention on EYP and its methods.
Cybersecurity pillars of Greek National Intellegence Service
EYP already operates another three cybersecurity units; the National Authorities for INFOSEC (Information Security), TEMPEST (Telecommunication Electronics Material Protected from Emanating Spurious Transmissions), and CRYPTO.
Each of them has a distinct role in safeguarding sensitive information of the Greek state and its citizens.
According to AMNA, INFOSEC provides advice, guidance and technical assistance to public bodies on the security of communications and classified systems, networks and information, and promotes policies on security measures and their safe operation, whether mobile or landlines, while it also deals with malicious actions using special software.
TEMPEST, on the other hand, deals with attacks on information systems through leaks, including electric, magnetic and sound signals and vibrations, shielding spaces to prevent leaks of conversations or communications, with the use of special systems and equipment.
CRYPTO, the Greek public sector and the Armed Forces in matters of crypto-security. It produces the national codes and keys while it also issues security policies regarding the use of cryptographic products, evaluates and certifies cryptographic systems.
EYP’s involvement in Greece wiretapping scandal
Official investigations confirmed that a Member of the European Parliament (MEP) for Greece, a Greek journalist and a former US-Greek employee at Meta had been wiretapped by EYP and targeted with the illegal Predator spyware, while local media alleged that opposition and government party MPs in Greece, party activists and journalists had also been targeted, either with Predator spyware or conventional wiretapping.
The Greek conservative government, which denied having purchased or used Predator, survived a subsequent censure motion January next year and was re-elected with a clear majority in June.
The draft recommendation of the European Parliament to the Council and the Commission published in May -days before the first round of the Greek general elections- observed that “the [Greek] government responded to the scandal with legislative amendments that further reduce the rights of targets to be informed after surveillance has taken place and is further hampering the work of independent authorities.”
Among other measures, it urged Greece to reverse the legislative amendment of 2019 that placed EYP under the direct control of the Prime Minister, and to invite Europol to immediately join the investigations on the scandal.