Cyber warfare

Albania was hit by a new cyberattack and blames Iran

Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday.

Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday.

“The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, was committed by the same actors who in July attacked the country’s public and government service systems,” reads a statement issued by the Albanian interior ministry.

“In order to neutralize the criminal act and secure the systems,” the authorities have shut down computer control systems at seaports, airports and border posts, the statement added. 

Prime Minister Edi Rama confirmed the attribution of this new cyber attack to the same Iran-lined threat actor that launched the attack in July against Albania.

“Another cyber attack by the same attackers, already exposed and condemned by the friendly and allied countries of Albania, was recorded last night on the TIMS system! In the meantime, we continue to work around the clock with our allies to make our digital systems impenetrable.” said Edi Rama.

Last week, the Albanian Prime Minister announced that Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the massive cyber attack that hit the country in mid-July.

The cyberattack hit the servers of the National Agency for Information Society (AKSHI), which handles many government services. Most of the desk services for the population were interrupted, and only several important services, such as online tax filing, were working because they are provided by servers not targeted in the attack. Albania reported the attack to the NATO Member States and other allies.

According to a statement published by the government, the damages may be considered minimal compared to the goals of the threat actors. The country’s Embassy staff was asked to leave Albany within 24 hours.

The relations between Albania and Iran have deteriorated since the government of Tirana offered asylum to thousands of Iranian dissidents.

The United States government issued a statement condemning Iran for attacking Albania.

“The United States strongly condemns Iran’s cyberattack against our NATO Ally, Albania. We join in Prime Minister Rama’s call for Iran to be held accountable for this unprecedented cyber incident. The United States will take further action to hold Iran accountable for actions that threaten the security of a U.S. ally and set a troubling precedent for cyberspace.” U.S. National Security Council spokesperson Adrienne Watson said. “We have concluded that the Government of Iran conducted this reckless and irresponsible cyberattack and that it is responsible for subsequent hack and leak operations.”

NATO, and the U.K. also formally blamed the Iranian government for the cyberattacks against Albania.

The U.S. Treasury Department announced sanctions against Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July.

MOIS is the primary intelligence agency of the Islamic Republic of Iran and a member of the Iran Intelligence Community. It is also known as VAJA and previously as VEVAK (Vezarat-e Ettela’at va Amniyat-e Keshvar) or alternatively MOIS.

The Iranian government denied it was behind the cyberattack and labeled Albania’s decision to sever diplomatic ties “an ill-considered and short-sighted action”.

“Iran as one of the target countries of cyberattacks on its critical infrastructure rejects and condemns any use of cyber space as a tool to attack the critical infrastructure of other countries,” the Iranian foreign ministry said.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Albania)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

12 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.