Pierluigi Paganini September 11, 2022

Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday.

Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday.

“The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in July attacked the country’s public and government service systems,” reads a statement issued by the Albanian interior ministry.

“In order to neutralize the criminal act and secure the systems,” the authorities have shut down computer control systems at seaports, airports and border posts, the statement added. 

Prime Minister Edi Rama confirmed the attribution of this new cyber attack to the same Iran-lined threat actor that launched the attack in July against Albania.

“Another cyber attack by the same attackers, already exposed and condemned by the friendly and allied countries of Albania, was recorded last night on the TIMS system! In the meantime, we continue to work around the clock with our allies to make our digital systems impenetrable.” said Edi Rama.

Last week, the Albanian Prime Minister announced that Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the massive cyber attack that hit the country in mid-July.

The cyberattack hit the servers of the National Agency for Information Society (AKSHI), which handles many government services. Most of the desk services for the population were interrupted, and only several important services, such as online tax filing, were working because they are provided by servers not targeted in the attack. Albania reported the attack to the NATO Member States and other allies.

According to a statement published by the government, the damages may be considered minimal compared to the goals of the threat actors. The country’s Embassy staff was asked to leave Albany within 24 hours.

The relations between Albania and Iran have deteriorated since the government of Tirana offered asylum to thousands of Iranian dissidents.

The United States government issued a statement condemning Iran for attacking Albania.

“The United States strongly condemns Iran’s cyberattack against our NATO Ally, Albania. We join in Prime Minister Rama’s call for Iran to be held accountable for this unprecedented cyber incident. The United States will take further action to hold Iran accountable for actions that threaten the security of a U.S. ally and set a troubling precedent for cyberspace.” U.S. National Security Council spokesperson Adrienne Watson said. “We have concluded that the Government of Iran conducted this reckless and irresponsible cyberattack and that it is responsible for subsequent hack and leak operations.”

NATO, and the U.K. also formally blamed the Iranian government for the cyberattacks against Albania.

The U.S. Treasury Department announced sanctions against Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July.

MOIS is the primary intelligence agency of the Islamic Republic of Iran and a member of the Iran Intelligence Community. It is also known as VAJA and previously as VEVAK (Vezarat-e Ettela’at va Amniyat-e Keshvar) or alternatively MOIS.

The Iranian government denied it was behind the cyberattack and labeled Albania’s decision to sever diplomatic ties “an ill-considered and short-sighted action”.

“Iran as one of the target countries of cyberattacks on its critical infrastructure rejects and condemns any use of cyber space as a tool to attack the critical infrastructure of other countries,” the Iranian foreign ministry said.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Albania)

[adrotate banner=”5″]

[adrotate banner=”13″]