The Albanian government has reported that it has suffered under a cyber-attack following the severance of its political ties to Iran in August of this year.
The cyber-attack was confirmed by Albanian Prime Minister Edi Rama in a tweet on September 10, just days after Albania cut ties with Iran.
Një tjetër sulm kibernetik nga të njëjtët agresorë, tanimë të ekspozuar dhe dënuar prej vendeve aleate e mike të Shqipërisë, është shënuar mbrëmë mbi sistemin TIMS! Ndërkohë vazhdojmë punojmë përditë pa orar me aleatët për t’i bërë të papenetrueshme sistemet tona digjitale.
— Edi Rama (@ediramaal) September 10, 2022
In the tweet, Rama alleged that the “same aggressors” were responsible for the cyber-attack, referring to the Iranian government. Rama went on to say that the Albanian government was “continu[ing] to work around the clock with [its] allies to make [its] digital systems impenetrable”.
In a follow up tweet, Rama said that the hackers had “not achieved the goal at all” as there had been “no … leak” of data from Albania’s systems.
Sistemet e pikave kufitare janë në punë qysh prej mëngjesit të sotëm.Përtej ndjesisë së rëndë që krijon penetrimi në këto sisteme, njësoj si kur të hyjnë në shtëpi e të vjedhin,fakti është se agresioni nuk ia ka arritur asfare qëllimit,asnjë zhudkje a rrjedhje serioze të dhënash!
— Edi Rama (@ediramaal) September 11, 2022
Albania severs ties with Iran
The decision to sever its diplomatic ties to Iran came after Albania was hit with a cyber-attack to its government systems on July 15 of this year. Following an investigation into the attack, Rama said on September 7 that there was “incontrovertible evidence” that Iran “hired four groups to mount the attack on Albania”. He alleged that the hackers had attempted to disrupt government functions and sow chaos.
Iran denied these claims, calling them “baseless”, however the Albanian government went forward with its decision to sever all diplomatic ties and ordered Iranian embassy staff to leave within 24 hours of Rama’s statement in a move that was called “anti-Iranian” by Iran’s foreign ministry.
Rama stated that the decision was “proportionate to the seriousness and danger posed by the cyber-attack”.
The July 15 cyber attack
In July of this year, the Albanian government suffered an “unprecedented and dangerous” cyber-attack which forced the temporary suspension of government sites. Following the attack, the Albanian National Agency of the Information Society (AKSHI) worked with Microsoft, Jones Group International and information and communications technology teams within Albania in order to prevent the attack from compromising or damaging the systems.
The attacks were later linked to the Iranian government by threat intelligence firm Mandiant. The Microsoft Detection and Response Team (DART) also said in a statement that it had “assessed with high confidence that on July 15, 2022, actors sponsored by the Iranian government conducted a destructive cyberattack against the Albanian government”.