With this notable statement, Michalis Bletzas, the head of the National Cybersecurity Authority and a researcher at MIT Media Lab, conveyed today from Thessaloniki the necessity for all citizens—not just the authorities—to be vigilant in order to prevent cyberattacks.

“Under no circumstances should we give our data in communications that we have not initiated ourselves. Banks will never ask for this information. No agency will ever request it. If we follow this basic rule, 90% of scams disappear,” he emphasized. He also referred to a new kind of fraud: citizens receive a letter in the mail containing a QR code that, when scanned, directs them to a website designed to extract significant personal data.

Speaking at an event titled “Cybersecurity and Artificial Intelligence” held at the International University of Greece (DI.PA.E.), Mr. Bletzas pointed out: “One issue is this artificial division we have between the real world and cyberspace. Everyone needs to understand that this division does not exist. We have one large entity called society, in which we create a digital nervous system. Therefore, the old perception that exists in large organizations—that we will never be infected, that we can keep the bad actors out with walls—no longer holds true. We must learn to operate in an environment where the bad actors do not come in physical form, but electronically. The mindset is the same, however. Because we do not see the bad actor in the digital space, we think we don’t need to lock the door… Or we ask the government to come lock it for us. It’s not like that. We have to lock it ourselves… It’s not possible that every time something happens, the National Authority (of Cybersecurity) is to blame because everyone else didn’t do their job. We set rules, provide advice, and help wherever we can. However, we are a very small agency with a very large scope. If everyone does not want to secure their systems, reveals their personal data, or does not use two-factor authentication, how can there be cybersecurity?” he noted.

In fact, Mr. Bletzas referred to the reluctance of even public sector services to implement two-factor authentication, stating that without it, it’s akin to someone walking down the street in their underwear.

The Worst Drug on the Planet and the Life Decisions of 16-Year-Olds

Mr. Bletzas also noted that at present, the National Cybersecurity Authority is attempting to convince telecommunications providers to cut off many communications that are clearly fraudulent, preventing any malicious SMS, email, or phone calls from reaching citizens: “Until recently, there wasn’t an effective way to cut this off. Now there is. There are protocols that all providers need to apply, and we are starting a pan-European effort in this area,” he emphasized. He also commented on social media, saying that Mark Zuckerberg (Meta) has managed to build the perfect manipulation machine and influence tool, “the worst drug ever released on the planet.”

He further expressed a degree of regret, as he feels he contributed to extending internet access to more locations that may not have seen it otherwise, enabling more people to access social media. For instance, he explained that alongside Nicholas Negroponte, they “set up” the first broadband network in Greece in Patras during a time when he considered it somewhat selfish—because they were on vacation in the area and could no longer tolerate dial-up speeds.

When asked how Greek universities—and education in general—should change, he replied: “The problems we are facing are becoming increasingly complex. Therefore, this specialization we see in Greece is completely misguided. Separating humanities from other sciences so early is the major wound of the Greek educational system. Unfortunately, it is something that no one dares to touch… There is nothing worse in a world that is changing so rapidly than asking a 16- or 17-year-old to decide what they will do for the rest of their life. The American system is bad overall… as it ties student progression to their parents’ wallets, but allows you to completely change direction if you wish. In the Greek university system, you can’t even switch fields within the same school if you decide to pursue something else because you believe it suits you better,” he highlighted.

“The Software that Advances Humanity is Not Well Taught”

When asked about the difference between humans and machines, he pointed out that the software of human society is humanitarianism and the humanities. “This cannot be done by Artificial Intelligence. Software, at all levels, is much more important than physical hardware. Unfortunately, the software that advances us as human societies is not being taught well. We have forgotten it. We are producing engineers from universities who do not think about the consequences of their actions because they lack fundamental knowledge. Yes, machines will get better. They will not write original code, but they will produce a significant amount of code from now on… However, the important pieces of software (of human society), whether they are the regulations I’m now drafting for Artificial Intelligence or the laws we will enact for society’s functions, will not be written by machines because they will be original things… Machines, right now, are rehashing what has already been created by humans. We must remember this. Therefore, the educational system must emphasize truly human skills, and these human skills are still far removed from machines—such as empathy, and the ability to collaborate and communicate,” he emphasized.

As he pointed out, humanity heavily relies on beautiful stories, whether they are about religions or money. “Personally, I have yet to hear a beautiful story or a good joke written by Artificial Intelligence (…). The most basic and fundamental human trait is our ability to tell beautiful stories (…). This is how things progress. And machines will not do this,” he concluded.

Finally, regarding the work of the National Cybersecurity Authority, Mr. Bletzas emphasized that “its primary work at this moment is regulatory” and added that Greece was one of the first seven countries in the EU to incorporate the new NIS2 directive (which establishes a unified legal framework for maintaining cybersecurity in 18 critical sectors across the EU).

“At any moment, the Joint Ministerial Decision for technical measures needs to be signed,” he noted and added that, based on the previous directive, the supervised entities of the Authority numbered around 71, which has now increased to roughly 400 and is expected to reach 2000. The goal of the Authority, he said, is to create a compliance framework and not just a regulation because Greece often struggles with the implementation of legislation. “Our concern is to create a practical framework,” he concluded.

Greetings were also given by the rector of DI.PA.E. Spiros Angelopoulos, MP Dimitris Kouvelas, vice-chairman of the Committee on Educational Affairs of Parliament, Deputy Mayor of Education and Lifelong Learning, Efi Theodoraki, and—on behalf of the Central Macedonia Region—Thanos Begkas, while participating in the discussion with Mr. Bletzas were Professor Konstantinos Heilas and DI.PA.E. graduates Kyriakos Stavridis and Dimitris Grendas.