IOTW: Albania hit with cyber-attack after severing ties with Iran

The Albanian government has reported that it has suffered under a cyber-attack following the severance of its political ties to Iran in August of this year.

The cyber-attack was confirmed by Albanian Prime Minister Edi Rama in a tweet on September 10, just days after Albania cut ties with Iran.

In the tweet, Rama alleged that the “same aggressors” were responsible for the cyber-attack, referring to the Iranian government. Rama went on to say that the Albanian government was “continu[ing] to work around the clock with [its] allies to make [its] digital systems impenetrable”.  

In a follow up tweet, Rama said that the hackers had “not achieved the goal at all” as there had been “no … leak” of data from Albania’s systems.

Albania severs ties with Iran

The decision to sever its diplomatic ties to Iran came after Albania was hit with a cyber-attack to its government systems on July 15 of this year.  Following an investigation into the attack, Rama said on September 7 that there was “incontrovertible evidence” that Iran “hired four groups to mount the attack on Albania”. He alleged that the hackers had attempted to disrupt government functions and sow chaos.

Iran denied these claims, calling them “baseless”, however the Albanian government went forward with its decision to sever all diplomatic ties and ordered Iranian embassy staff to leave within 24 hours of Rama’s statement in a move that was called “anti-Iranian” by Iran’s foreign ministry. 

Rama stated that the decision was “proportionate to the seriousness and danger posed by the cyber-attack”.

The July 15 cyber attack

In July of this year, the Albanian government suffered an “unprecedented and dangerous” cyber-attack which forced the temporary suspension of government sites. Following the attack, the Albanian National Agency of the Information Society (AKSHI) worked with Microsoft, Jones Group International and information and communications technology teams within Albania in order to prevent the attack from compromising or damaging the systems. 

The attacks were later linked to the Iranian government by threat intelligence firm Mandiant. The Microsoft Detection and Response Team (DART) also said in a statement that it had “assessed with high confidence that on July 15, 2022, actors sponsored by the Iranian government conducted a destructive cyberattack against the Albanian government”. 

You May Also Like

  • Blizzard Entertainment hit by DDoS attack

  • IOTW: A full timeline of the MOVEit cyber attack

  • PwC and EY impacted by MOVEit cyber attack

  • BlackCat threatens to leak 80GB of Reddit data