Albanian PM declares Iranian diplomats personae non grata over massive cyber-attack on government’s key servers in July.
Albanian Prime Minister, Edi Rama. Photo by EPA-EFE/GEORGI LICOVSKI
Albania’s Prime Minister, Edi Rama, on Wednesday said Tirana was freezing diplomatic ties with Iran after he blamed the Islamic republic for a major cyber-attack in July, which blocked several online services.
Rama said the Iran embassy in Albania has been notified that its staff need to leave the country within 24 hours.
“A deep investigation brought uncontestable proof that the cyber aggression towards our country was orchestrated and sponsored by the Islamic Republic of Iran, which engaged four groups for the attack,” Rama said on Wednesday.
“Among them was one of the most notorious international cyber terror authors or co-authors of previous cyber-attacks against Israel, Saudi Arabia, Jordan, United [Arab] Emirates, Kuwait and Cyprus,” Rama added.
The government’s online services were attacked on July 15, when the main servers went down, following what the authorities called “a synchronised criminal attack from abroad”.
Media outlet Top Channel then reported that Iran was behind the cyber-attack, likely sending a political message to Albania, which hosts around 3,000 exiled Iranians belonging to the People’s Mujahedin of Iran, MEK, an opposition to the current regime in Iran and strongly supported by the US.
Reports also said the attackers had demanded 30 million euros in bitcoin. Rama denied reports of blackmail on Twitter, saying that the news about the “demand for 30 million euros is completely fake” and a foreign state was behind the hackers.
Albania’s latest move comes as other governments in the region are facing similar issues.
On Tuesday, the Kosovo government announced that for two days in a row, on Monday and Tuesday, Kosovo institutions had faced temporary interruption of their internet network.
“The cyber-security team sector within the Information Security Agency in cooperation with local and foreign experts identified that the problem with internet service is a consequence of a cyber-attack,” Perparim Kryeziu, Kosovo government Spokesperson, said on Tuesday evening.
“The cyber-attack did not penetrate the infrastructure of state computers’ network because it was blocked by relevant security equipment,” he added.
“It was identified that the cyber-attack came from outside of Kosovo and targeted the IP in which several web pages of Kosovo institutions work,” he said.
He said the Information Security Agency has undertaken “concrete actions to overcome this cyber-attack and return internet service into function”
“For the moment, the situation is stable. Internet and other online services are functioning and accessible. Cyber security experts will continue to monitor the security of services and government’s systems and will take necessary measures to maintain their security,” Kryeziu said.
In neighbouring Montenegro, government and judicial websites were forced to go offline and trials delayed following massive cyber-attacks that started on August 24 and whose perpetrators remain unknown.
This is not the first time that Albanian public has faced massive leaks of personal data.
One year ago, just before the general elections in April 2021, a massive database of 910,000 voters in the Tirana region that contained personal data such as IDs, job titles and possible political preferences was published by the media.
Many accused the ruling Socialist Party of using state institutions to gather the personal data.
Other massive data leak happened last December, when data detailing the salaries of around 630,000 Albanians was circulated online. Days after, another database with data of license car plates was leaked.
In January, the Tirana Prosecution arrested four people in connection with the massive data leaks. Two people from state institutions suspected of selling people’s personal data and two others from private entities suspected of buying it were arrested.