Intrusion into a computer network, known as hacking, is a core element of many online offenses:
Hacker is the term for a person who breaks into computer systems and experiments with every aspect of them. A hacker has the requisite knowledge and skills to manipulate computer systems to a significant degree. Hackers are typically programmers and system designers, but also individuals who, although not professionally engaged in IT, have developed such skills and work either in groups (hacking groups) or alone. When their actions are malicious, they are referred to as crackers.
Watch a video describing the most common cybercrimes:
A hacker’s access to the system of a prospective victim involves two stages: a preparatory stage and a main stage.
In the preparatory stage, the hacker collects information (information gathering) about the system they intend to attack and seeks to gain access to it by obtaining the login credentials (password cracking), thereby acquiring the privileges of a legitimate user of the system.
In the main stage, the hacker pursues the objectives for which they unlawfully entered the specific system and exits it while attempting to leave no traces that could lead to the discovery of their identity, while at the same time ensuring the ability to re-enter the system whenever they wish.
For each of these steps taken by a hacker, the following can be said:
– Information gathering.
This step is perhaps the most fundamental rung on the ladder of successful hacking. The more a hacker knows about a system, the greater their chances of intruding into it without being detected. The likely questions, the answers to which will prove significant, usually concern both the human element of the system (administrators, engineers, operators, users) and the system itself (hardware, operating system in use, any peculiarities, etc.). The hacker may obtain this information from the system itself, from the business to which it belongs, from IT specialists (technicians, scientists), and from fellow hackers.
– Intrusion into the system: Obtaining the login credentials and acquiring the privileges of a legitimate user.
A system functions correctly provided that its mechanism for authenticating the identity of legitimate users is reliable. For this reason, neutralising this mechanism is the principal concern of every hacker.
– The hacker inside the system.
Once the hacker gains access to the target system, what they do next depends on the purpose for which the hacking was carried out. Whatever the underlying motive, however, it is certain that, among other things, they will gather information about the operation of that system and attempt to exploit its capabilities and, more generally, the privileges granted to its legitimate users. Some of the actions available to the hacker include destroying or deleting data and stealing confidential files and information, gaining control of the system and altering access data in order to lock out users, as well as using one system to send data to a third system. Upon completing their “visit”, they will attempt to erase its traces while at the same time leaving “the door open” for similar future activities on the same system.
- See also the article Online Fraud
- See also the article Hacking
- See also Methods of Online Attacks
- See also the article Malicious Software
- See also the article Online Attacks
- See also the article Online Piracy
- See also the article Software Piracy
- See also the article Pharmaceutical Trafficking
- See also the article 10 Security Practices
FREQUENTLY ASKED QUESTIONS ON HACKING – CRIMINAL DEFENSE
1. What sentence is provided for unauthorized access to a system?
Unauthorized access to an information system is, as a rule, punishable by imprisonment (misdemeanor), while where aggravating circumstances apply – such as the breach of security measures, the acquisition of sensitive data, or the causing of significant harm – the sentence may rise to higher levels. The law clearly distinguishes between simple unauthorised entry and entry with intent to obtain unlawful gain or to harm a third party, in which case the legal characterisation of the act changes.
In several cases the sentence may be suspended under Article 99 of the Penal Code (PK), converted into a monetary penalty under Article 80 PK, or served by way of community service, particularly where the defendant has no prior criminal record and the mitigating circumstances of Article 84 PK are recognised.
2. How do I defend myself against a hacking charge?
The defence focuses on challenging the technical identification of the perpetrator. An IP address alone does not prove which natural person was using the device, while Wi-Fi networks are often open, shared, or have been compromised. In addition, the lawfulness of the seizure of devices, the chain of custody of digital evidence, and compliance with forensic analysis procedures are all examined.
It is significant whether there was intent (dolus) – that is, an intention of unlawful entry – or whether the conduct involved a legitimate security test, an educational purpose, or accidental access. Unlawfully obtained evidence may be excluded, while gaps in the case file or ambiguities in the technical report lead to the application of the principle in dubio pro reo.
3. I have been summoned to give a statement before the Cybercrime Division – what should I do?
The presence of a lawyer from the very first moment is decisive. The defendant has the right to silence and the right not to incriminate themselves, as well as the right to access the case file before giving a statement. Spontaneous statements, even seemingly innocuous ones, are recorded and later used at the courtroom hearing.
Before any defense statement or examination, it is crucial to analyse the technical material in the case file with the assistance of a specialist IT expert witness. Frequently, the correct positioning at the preliminary investigation stage leads to the case being shelved or to an acquittal order, without the matter ever reaching the courtroom.
4. Am I at risk of pre-trial detention for hacking?
Pre-trial detention is an exceptional measure and is imposed only where strict conditions are met, such as a risk of flight or of committing further offenses. In cybercrime cases, particularly where the defendant has a stable residence, employment, and a clean criminal record, detention is rarely ordered. Instead, restrictive measures are imposed, such as a prohibition on leaving the country, periodic appearance at a police station, or bail.
In some cases, a prohibition on the use of the internet or on the possession of specific devices is ordered. The proper preparation of the defense statement before the investigating judge is what determines the outcome.
5. How long does a criminal hacking case last?
The duration depends on the complexity of the case file and the volume of digital material requiring analysis. The preliminary investigation stage, with the technical examination of devices and international requests for judicial assistance where foreign service providers are involved, may last from several months to over a year.
The trial at the courtroom depends on the competent court, based on the seriousness of the charge. As to the statute of limitations, for misdemeanors it is, as a rule, five years, while for felony cybercrime offenses it is longer. The lapse of these time limits is always examined as a defense plea.
6. Why do I need a specialist cybercrime lawyer?
Hacking cases combine strict criminal procedure with deep technical knowledge. A lawyer specialising in this field knows how to challenge forensic analysis reports, to identify irregularities in the collection of digital evidence, and to work with technical expert witnesses. They also draw on case-law on issues of user identification, lawful interception of communications, and personal data protection.
The Law Firm ZIAMPARAS D. & ASSOCIATES has handled cases of unauthorized access, account compromise, and cybercrime, defending defendants from the preliminary investigation stage all the way up to Areios Pagos.