Albania has decided to sever diplomatic relations with Iran, Albanian Prime Minister Edi Rama said in a televised address on 7 September. He accuses him of hiring “four teams to launch a cyberattack” that paralyzed government services on July 15. Government data was also allegedly stolen during the operation.
AKSHI, Albania’s equivalent of the National Information Systems Security Agency (Anssi), described the incident as a “synchronized and sophisticated cybercriminal attack from outside Albania.” Prime Minister Edi Rama said he had “irrefutable evidence” of Tehran’s accusation. He added that, despite its scale, the attack “did not achieve its goal. All systems are fully operational again and no permanent data wipe has occurred.”
NATO condemns cyberattack
US National Security Council spokeswoman Adrienne Watson said US experts also concluded that Iran “carried out this reckless and irresponsible cyberattack” and was “responsible for the hacking operations and subsequent leaks.” The North Atlantic Treaty Organization (NATO) also reacted to this statement: “We take note of the statements by Albania and other allies placing the responsibility for this cyber attack on the Iranian government.”
In early August, US computer security firm Mandiant discovered a new family of ransomware dubbed “Roadsweep” targeting Albania that displayed an unambiguous message on infected victims’ machines. “Why should our taxes be spent for the benefit of the Durres terrorists?” – was written. Durres is a port city located on the Adriatic Sea, west of Tirana, the capital of Albania. This mention is no coincidence: in 2014, Albania hosted some 3,000 members of the People’s Organization of the Mujahideen of Iran (PMU), an Iranian opposition group in exile, who settled in a camp near the city.