UK, US condemn Iran for ‘unprecedented’ cyber attack against Albania

The UK government has officially condemned the Iranian state for a cyber attack against Albania to which the country has been linked.

On 15 July, the Albanian government suffered a major cyber attack, as threat actors destroyed data, shut down the public service portal ‘e-Albania’, and leaked details of the Albanian prime minister and ministry of foreign affairs.

Essential services, such as a public-facing portal for booking medical appointments, the system by which children are enrolled at school, and online utility bill websites, were also affected in the attack.

The National Cyber Security Centre (NCSC) has concluded to a high degree of certainty that Iranian-linked threat actors are behind the attack. The US National Security Council (NSC) likewise blamed the Iranian government for conducting the operation in a White House statement.

Yesterday, Albania severed diplomatic ties with Iran over the incident, and gave embassy staff, security teams and diplomatic personnel in Tirana 24 hours to leave the country. It is the first case of cutting diplomatic ties in response to a cyber attack.

Attacks on critical national infrastructure (CNI) are a growing threat, with malware tailor-made to destroy industrial systems having been found in the wild. Security groups have been warning for years about the specific involvement of Iranian-backed threat actors in such attacks.

“Albania views impacted government networks as critical infrastructure,” said NSC spokesperson Adrienne Watson.

"Malicious cyber activity by a State that intentionally damages critical infrastructure or otherwise impairs its use and operation to provide services to the public can have cascading domestic, regional, and global effects; pose an elevated risk of harm to the population; and may lead to escalation and conflict.“

Having assisted Ukraine against such cyber attacks for months following Russia’s invasion of the country in February, the NCSC have warned against UK-based security teams becoming burned out and letting their guard down as a result.

The Iranian government deny involvement in the attack, citing its long struggle with attacks such as the Stuxnet worm to indicate that it is the victim of threats to CNI. As a NATO member, Albania has been joined in support by many western powers.

“Iran’s reckless actions showed a blatant disregard for the Albanian people, severely restricting their ability to access essential public services,” stated foreign secretary James Cleverly, who entered his cabinet role on Tuesday.

“The UK is supporting our valuable partner and NATO ally. We join Albania and other allies in exposing Iran’s unacceptable actions.”