After the recent attack on public online servers, blamed on Iran, experts say Albania must toughen its cyber infrastructure.
Iranian Embassy in Tirana, Wednesday 7 September 2022. Photo: BIRN
Iranian diplomats in Tirana prepared to leave the country on Thursday after Albania’s government the day before declared them personae non grata – having accused the Islamic republic of responsibility for the big cyber-attack in July that blocked several online services.
Prime Minister Edi Rama said the Iran embassy in Albania has been notified that its staff need to leave the country within 24 hours.
Tirana-based security expert and professor Fabian Zhilla told BIRN that severing diplomatic relations with Iran was not enough; this must be coordinated with preventive measures, or the country risks facing heightened aggressiveness from Iran’s secret services.
“They have exploited weaknesses in [our] cyber security protection and now have a significant amount of documentation that they acquired during the first attack, and we do not know what that information is … whether it is classified information, which could bring instability tomorrow,” Zhilla told BIRN.
Albania has linked the attack to its hosting of around 3,000 exiled Iranians belonging to the People’s Mujahedin of Iran, MEK, an opposition group to the regime in Iran, supported by the US.
But Zhilla said that Albania’s government should talk to MEK and urge them not to use Albanian territory for any kind of media or propaganda war against the Iranian regime.
“Because this … would expose us as a country to Iran and give them a reason to strike. In this context … the agreement was to give the MEK a political shelter, but not for them to use this type of political shelter to wage war from our territory,” Zhilla added.
Another, security expert, Adrian Shtuni, based in Washington, also links the cyber-attack to the MEK. Tirana’s tough response was “the strongest public response of a state to a cyber-attack so far,” he noted.
“The primary purpose of the attack seems to have been to exert pressure for the cancellation of the annual ‘Free Iran’ conference organized by the MEK,” Shtuni told BIRN.
The conference was, in fact, cancelled in July after US embassy in Tirana warned of an unnamed security threat to the summit.
“The publication of sensitive information online can also be interpreted as a revenge against the Albanian state for the decision it took to shelter the Iranian opposition. If the aim of the attack had been financial gain, there would have been a demand for payment/tribute,” Shtuni argued.
Shtuni says that, unfortunately, cyber attacks in the 21st century are a daily reality, involving high costs and risks.
“Albania, as defined in the New Strategic Concept of NATO 2022, must improve its infrastructure, networks, and capabilities for cyber defence. This will make it more able to prevent or counter these threats more efficiently in future,” he added.
This is not the first time that Albania has seen massive leaks of personal data. Just before the April 2021 general elections, a massive database of 910,000 voters in the Tirana region that contained personal data, such as IDs, job titles and even possible political preferences, was published by the media.
Many accused the ruling Socialist Party of using state institutions to gather the personal data.
Another massive data leak occurred last December, when data detailing the salaries of around 630,000 Albanians was circulated online. Days later, another database with data of car license plates was also leaked.
In January, prosecutors arrested four people in connection with the data leaks. Two people from state institutions suspected of selling people’s personal data, and two others from private entities suspected of buying it, were arrested.