Press statement
The United Kingdom has condemned the Iranian regime for a cyber strike against the government of Albania that damaged data and interrupted key government services.
The United Kingdom slammed the Iranian government today (Wednesday, September 7) for a cyber strike against the Albanian government that damaged data and hindered key government services, such as paying utility bills, scheduling medical appointments, and enrolling students.
The National Cyber Security Centre (NCSC) concludes that cyber actors with ties to the Iranian government are almost certainly responsible for a series of cyber attacks launched against Albanian government infrastructure beginning on 15 July, which caused significant disruptions to online public services and other government websites.
The websites of the Albanian Parliament and the Prime Minister’s office, as well as the portal e-Albania, which Albanians use to access a variety of public services, were targeted and shut down.
The attackers also exposed material from the Albanian government, including Prime Minister and Ministry of Foreign Affairs email content.
Foreign Secretary James Cleverly stated, “Iran’s reckless actions demonstrated a flagrant disdain for the Albanian people by severely limiting their access to key public services.”
The United Kingdom supports our valued NATO friend and partner. We join Albania and other friends in calling Iran’s actions into question.
TO THE EDITORS:
Iran is an aggressive and capable cyber actor, according to the NCSC. Cyber operations are most likely performed by a complex and fluid network of entities with varying degrees of linkage to the Iranian government, whose workforces consist of a mixture of departmental and contractual personnel.
These cyberattacks are the latest example of Iran’s growing dangerous behavior trend. Cybercriminals with ties to Iran have access to a variety of disruptive and harmful capabilities. Previously, the United Kingdom has blamed and advised on a number of cyber incidents involving Iranian actors:
22 March 2018 – The UK’s National Cyber Security Centre assessed with high confidence that the MABNA Institute was almost certainly responsible for a multi-year Computer Network Exploitation (CNE) campaign targeting universities in the UK, the US, and other Western countries, primarily for intellectual property (IP) theft.
CISA, FBI, CNMF, NCSC, and NSA released a joint Cybersecurity Advisory on February 24, 2022, highlighting a group of Iranian government-sponsored advanced persistent threat (APT) actors, known as MuddyWater, conducting cyber espionage and other malicious cyber operations against a variety of government and private-sector organizations in Asia, Africa, Europe, and North America.
CISA, FBI, ACSC, and NCSC issued a combined Cyber Security Advisory on 17 November 2021 on Iranian government-sponsored APT attackers leveraging Microsoft Exchange and Fortinet vulnerabilities in order to acquire early access in preparation for subsequent operations. The Iranian government-sponsored APT actors are actively targeting a vast array of vital infrastructure sectors in the United States and Australian organizations.