The Vandals were an East Germanic tribe that emerged during the 5th century BC. Starting from Poland, they spread across various regions of Europe and North Africa. During their land and pirate raids, they plundered ruthlessly while savagely destroying works of art and buildings, taking pleasure in the destruction they caused. For this reason, the term “vandalism” denotes acts of destruction of cultural goods.
Today’s Cyber Vandals (Vandals of Cyberspace) carry out cyberattacks without any apparent criminal purpose, and without political or ideological motives. They primarily exploit weaknesses and vulnerabilities of websites in order to demonstrate their skills and technological knowledge. They typically cause damage or defacement of the platform, taking it out of operation. There is no element of personal gain in the action of vandals; they derive and enjoy satisfaction from the act in itself.
Nevertheless, the consequences of vandalism may be long-lasting and serious. For example, in the case of vandalism of the information system of a healthcare facility, scheduled surgical appointments may be cancelled, healthcare systems may cease to function, and the death of patients or hospitalised persons whose lives are technically supported cannot be ruled out. In cases of vandalism of online stores and businesses, beyond the psychological consequences, damage is caused to the reputation of the business, with loss of customers, orders, and consequently revenue.
A cyberattack constitutes any targeting, attack, and potential damage to information systems, telecommunications media, and computers, any attempt to access data, information, or functions without the authorisation or simply against the will of the legitimate user and holder. The motives of a cyberattack are malicious and criminal. Behind the mask of a vandal there may be hiding a competitor, a dissatisfied customer, or even a dismissed employee who wishes to cause problems and harm to the business.
The forms cyber vandalism takes can be summarised as follows:
1. Website Defacement, in which access is gained to a website and its content is replaced with other offensive or defamatory content.
2. DDoS Attack — flooding a server with excessive requests, rendering it unable to provide services.
3. Malware Attack — the injection of malicious software into an information system that causes damage to it.
4. Ransomware Attack — that is, encryption of files and information, with the vandals demanding money in exchange for decrypting the system.
5. Social Media Attack — access is gained to personal or professional social media accounts in order to spread inflammatory or offensive content.
- See also article Online Fraud
- See also article Bank Liability in Online Fraud
- See also article New 2023 Law on Bank Liability
- See also article Investment Fraud Lawyer
- See also article Child Pornography
- See also article Defamation through Facebook
- See also article Cyberbullying
- See also article Computer Fraud
- See also article Hacking
- See also Methods of Online Attacks
- See also article Malicious Software
- See also article Online Attacks
- See also article Online Piracy
- See also article Software Piracy
- See also article Pharmaceutical Trafficking
- See also article 10 Security Practices
FREQUENTLY ASKED QUESTIONS ABOUT Cyber Vandalism
1. What sentence am I facing for cyber vandalism?
Acts of cyber vandalism (defacement, DDoS, installation of malicious software, account breach) typically constitute offences under the Penal Code (PK), such as breach of information systems (Article 370B PK), damage to another’s property in data (Article 381A PK), and obstruction of the operation of information systems (Article 292B PK). Sentences range from imprisonment of a few months to several years, depending on the extent of the damage and whether critical infrastructure was affected. Upon a first-instance conviction without prior criminal record, the sentence is, as a rule, suspended (Article 99 PK) or converted into a monetary penalty (Article 80 PK) or community service, while mitigating circumstances are often recognised (young age, non-base motives, subsequent good conduct under Article 84 PK).
2. Can I avoid conviction or have the charge reduced?
In cybercrime cases, evidence identifying the perpetrator is critical and very often disputable. IP addresses, dynamic IPs, the use of VPNs, shared networks, or computers used by multiple users create reasonable doubts that operate in favour of the defendant (in dubio pro reo). The legality of the seizure of devices, the chain of custody of digital evidence, and the technical validity of expert reports are all examined. A change of legal characterisation may be sought (for example, from a felony to a misdemeanor) where there is no significant pecuniary damage. In many cases, restoration of the damage prior to the hearing leads to a substantial reduction of the sentence or even to a conditional cessation of prosecution.
3. What do I do if I have been summoned to give a statement to the Cybercrime Division?
Before you give any explanation to the Cybercrime Division (Diefthynsi Dioxis Ilektronikou Egklimatos) or to the investigating judge, you need a lawyer present. You have the full right to remain silent and to refuse to answer questions that may incriminate you. Do not give access to devices, passwords, or accounts without first having the legality of the warrant examined. Mistakes at the preliminary investigation stage (spontaneous defensive statements, handing over devices without judicial review, signing documents without reading them) are extremely difficult to retract afterwards and weigh on the defence throughout the entire trial.
4. How long does the criminal procedure last?
Cybercrime cases usually take longer due to the complexity of the technical reports. The preliminary examination and main investigation may last from six months to two years, especially when international judicial assistance is required to obtain data from foreign providers. The first-instance hearing usually follows one to two years later. In the event of an appeal, approximately one to two more years are added. The completion of all instances may reach four to five years, although for certain misdemeanors the statute of limitations may be completed earlier and used as a defence.
5. What documents and evidence should I gather?
Every document that has been served is needed (summons, search warrant, seizure records, case file if a copy has been provided), as well as a full account of the events from your perspective in chronological order. Important are elements that document the use of the network and devices by third parties, where applicable, as well as evidence of lawful activity (professional, educational) that negates intent. Subsequently, certificates of employment, studies, psychological or medical support, and any element relating to good character help in obtaining recognition of mitigating circumstances under Article 84 PK.
6. What is the role of the lawyer in a cyberattack case?
Our firm specialises in cybercrime cases and handles the defence from the first stage of the preliminary investigation through to the final and irrevocable judgment. We collaborate with technical expert witnesses to challenge the findings of the Cybercrime Division, examine the legality of every piece of evidence, and draft a substantiated memorandum. The aim is the exclusion of unlawfully obtained evidence, the challenge of identification, the reduction of the legal characterisation and, where applicable, the use of alternative measures instead of imprisonment. Experience in digital cases makes a significant difference, as understanding both criminal law and the technical parameters is required.