Greek CyberCrimes: Hacking, Phishing, Ransomware and others

cybercrime in Greece

Greek Cybercrime: Hacking, Phishing, Ransomware

Cybercrime in Greece

The new Greek Penal Code has been updated to create new “cybercrimes” in the criminal code of Greece. According to the Greek criminal law amongst the “cyber” activities that constitute a criminal offence are  Hacking, Phishing, Ransomware and Denial of Service. We will focus on each one individually.

  • Hacking

    Hacking (ie unauthorized access to information systems or Electronic data, according to the Greek Penal Code (GPC)) It is a criminal offence based on art. 370C par. 2 Greek Penal Code (GPC) under art. 370C par. 2 GPC, hacking will be punished by imprisonment. If the action is aimed at international relations or the State Security, other provisions of GPC shall apply (Article 148 of GPC criminal provision for spying), with a maximum sentence of 10 years’ imprisonment if the data is used to cause damage to the state. Furthermore, Article 292B states that hacking is an offence punishable with one to five years depending on the severity of the result, if it causes serious obstacles to the operation of an information system or when the data has been modified or suppressed as a result of Hacking.

  • Phishing

    “Phishing”  is defined as: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, “an email that is likely a phishing scam”
    Taking the above into account, Art. 370D GPC applies for a perpetrator committing the said activity online. The offence of Art 370 carries a sentence of imprisonment from 10 days to 5 years. If the data is diplomatic or military the perpetrator faces the penalties of Art. 146 GPC, which imposes a sentence of imprisonment of up to 10 years. Phishing can also be punished as an inchoate offence (Art. 292C sec. b GPC; Art. 370E sec. b GPC, etc.).

  • Ransomware

    “Ransomware”  is defined as: a type of malicious software designed to block access to a computer system until a sum of money is paid.

    The blocking of access of your IT with the use of malicious software or as the Greek penal code refers to it as a “Denial-of-service” constitutes a criminal offence under Art. 292B GPC, and is punishable with a fine and with a minimum of one year of imprisonment.
    Furthermore, if a certain tool was used for the attacks, the penalty varies from 1-5 years of imprisonment, while if the attack caused severe damage or targeted critical infrastructure, a penalty of at least two years of imprisonment for each case applies (Art 292B GPC par. 2 sec. a, and secs b and c, respectively).

    The infection of the IT system with ransomware, spyware or any other code capable of causing malfunction, damage or denying you service to your system is by itself a criminal offence under Greek Law according to Arts 292B, 292C, 370C par. 2, 370E, 381A and 381B of the GPC, and carries ad sentence depending on the type of infection and or damage caused to the IT system.

Greek Legislation on CyberSecurity

The following laws are  relevant to Cybersecurity in Greece:
■ Law 4727/2020 regarding “Digital Governance
(Transposition into Greek Legislation of Directive (EU)
2016/2102 and Directive (EU) 2019/1024) – Electronic
Communications (Transposition into Greek Legislation of
Directive (EU) 2018/1972) and other provisions”.
■ Law 4577/2018, which transposed NIS Directive
2016/1148/EU into Greek law, regarding measures for a
high common level of security of network and information
■ Ministerial Decision No. 1027/2019, issued by the Minister
of Digital Governance, which specifies the implementation
and the procedures provided under Law 4577/2018.
■ The General Data Protection Regulation and the relevant
Greek Law 4624/2019.
■ Law 4411/2016, which transposed Directive 2013/40/EU
into Greek law, on attacks against information systems.
■ Law 4070/2012, in relation to the operation of electronic
communications networks and the provision of electronic
communications services.
■ Act 205/2013 of the Hellenic Authority for Communication
Security and Privacy (ADAE), which is a Regulation for
the Security and Integrity of Networks and Electronic
Communication Services.
■ Art. 12 of Law 3471/2006, regarding the protection of
personal data and privacy in the electronic telecommunications
sector and the operators’ obligation to take the
necessary safety measures.
■ Draft Law of the Greek Code of Electronic
Communications, which is a transposition of the Directive
(EU) 2018/1972 into Greek law.
■ Art. 386A of the Greek Penal Code, regarding fraud
committed via a computer.
■ Law 2121/1993, i.e. the Greek Copyright Act, recently
amended and replaced by Art. 25 of Law 4708/2020.

Cybersecurity Wizard

Our online “Cyber Security Wizard” is designed to assist with assessing and benchmarking your data privacy security level. The wizard takes the form of a survey which poses a series of questions relating to areas of data privacy, such as storage of data, use of data, with a range of multiple choice answers to select from. Once completed, a report is emailed which includes a summary of how you scored in relation to key data protection principles, a data privacy check list and proposals for reforms and improvements.

Cybersecurity Wizard

Assess you company's data privacy score

Start Now

What we offer

Our Legal team of Cybersecurity lawyers and operational consultants advise on all matters surrounding cyber security, from building cyber resilience, protection of data and privacy, to post-incident response, providing a holistic and tailored client service.

Key Contacts

Cyber Crime
Xrysa Pistioli
Criminal Defence Attorney

Court of Appeal

Cyber Security
michael palaiologos
Michael Palaiologos
Attorney at Law LL.M

Supreme Court of Greece

Data Privacy
john voutsinas
John Voutsinas
Attorney at Law LL.M

Supreme Court of Greece

Chat Live

Contact our CyberSecurity Legal Team

    Which of the following statements is most applicable to your current situation:

    I agree to the terms & conditions      Please contact me by

    Please rate our article
    0 / 5 0

    Your page rank: