Albanian government severs diplomatic ties with Iran after July cyberattacks

Albania has cut diplomatic ties with Iran and expelled its embassy staff. This is because of an alleged cyberattack carried out by Tehran on Albanian government websites nearly two months ago, Prime Minister Zoran Zaev said. A country cutting diplomatic ties over a cyberattack was the first known instance of a country taking such action. In response to what it called a troubling precedent in cyberspace, the White House threatened unspecified retaliation against Iran.

Albanian government severs diplomatic ties with Iran after July cyberattacksAccording to a White House statement, the White House has been helping Albania for weeks and has concluded that Iran was behind the “reckless and irresponsible” attack and the subsequent hack-and-leak operation according to the AP. Prime Minister Edi Rama announced the government’s decision in an official note to the Iranian Embassy in Tirana, the capital. Staff members of the embassy, including diplomats and security personnel, have been ordered to leave Albania within 24 hours.

Albanian government websites and digital services were temporarily unavailable due to a cyberattack on July 15. He called the cyberattack “state aggression,” stating that it wasn’t carried out by individuals or independent groups. “The deep investigation provided undeniable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran, involving four groups,” Rama said in a video statement.

According to Iranian state television, Iran condemned the expulsion of the diplomats as ill-considered and short-sighted. Iranian Foreign Ministry denied Tehran was behind any cyberattack on Albanian government websites, adding Iran is the target of such attacks on its critical infrastructure.

TIRANA said it was working with Microsoft and the FBI to investigate the cyberattack. Last month, Mandiant, a leading U.S. cybersecurity firm, expressed “moderate confidence” that the attackers were supporting Tehran’s anti-dissident campaign. Using ransomware, a group calling itself “HomeLand Justice” claimed responsibility for the cyberattack. While ransomware is best known for its use in criminal extortion, it is also increasingly used for political purposes, particularly by Iran.

In a Telegram channel, “HomeLand Justice” posted documents purporting to be Albanian residency permits of members of the Iranian opposition group Mujahedeen-e-Khalq – better known as MEK – along with a video showing the ransomware in action. Using hashtags such as #Manez, the channel accused the Albanian government of corruption. Ashraf 3 camp in Manez, which is 30 kilometers (19 miles) west of Tirana, is home to about 3,000 Iranian MEK dissidents.