More

    Cyber Conflict and Diplomacy: Albania-Iran Relations in cyberspace

    Share

    In July 2022 Albania was hit by a severe cyber-attack targeting government systems. The attack is claimed of such magnitude that it could have wiped out large parts of Albanian critical infrastructure. After the attack, Albania cut its diplomatic ties with Iran. On September 10th, Albania reported a second attack, targeting systems of the police and the traveller information management system. The motives of the attacks trace back to 2014 when Albania provided a safe haven for the Iranian opposition group Mojahedin-e-Khalq (MEK). Hence, an acceleration in the already tense relationship between the states is prevalent. Further, the countermeasures conducted by the NATO-supported Albanian government, cutting its diplomatic ties, may point to a shift in the perception of hostile cyber operations between states in peacetime.

    KJ1: It is highly likely that the number of cyber attacks between Iran and Albania will increase in the next 6 months.

    • The MEK conducted several offensive cyber operations targeting the Iranian government. Among them, is the hacking of Iranian websites on November 24th 2021 spreading the message “death to Khamenei – greetings to Rajavi” [source].
    • As the MEK is claimed to act as a proxy for Iranian opponents [source], the organisation may be utilised to spur further the ongoing protests among the Iranian domestic opposition [source; source].
    • The sole raison d’être of the MEK is to overthrow the Iranian supreme leader, Ayatollah Khomeini [source]. Hence, provocations and spreading of anti-regime material is an integral part of its modus operandi [source].

    The September 10th attack was of minor severity than the July attack [source; source].

    KJ2: It is likely that the magnitude of conducted hostile cyber operations between Iran and Albania will decrease in the next 6 months.

    • When detected, the intrusions in Albanian government systems were rapidly and effectively mitigated [source].
    • In a statement on September 7th, Iran denied involvement in any hostile activity targeting Albania [source].
    • On September 9th The United States imposed sanctions on Iran following the July attack [source].
    • During the Regional Summit of Brdo-Brijuni Leaders in Slovenia on September 12th, Albanian president Bajram Begaj appealed to the European Union to speed up the country’s integration process with reference to the Iranian cyber hostilities [source].
    • On September 15th The United States imposed further sanctions on Iran following the September 10th attack [source].

    At a meeting in Tirana, Albania on September 21st, NATO affirmed support for its allies facing cyber threats [source].

    KJ3: It is likely that NATO members targeted by cyber-attacks will trigger diplomatic fallout in the next 6 months.

    • US President Joseph Biden repeatedly indicated a shift in attitude on large-scale cyber-attacks targeting NATO members and could trigger more aggressive responses [source; source].
    • Albania and the United States’ responses will serve as a signal to Russia’s hostile cyber operations targeting states in peacetime [source].
    • On September 7th, Albania cut diplomatic ties with Iran forcing Iranian diplomats to leave the country within 24 hours [source].
    • This is possibly the strongest reaction so far by a nation targeted by cyber-attacks [source]  

    Intelligence Cut-Off date: October 5, 2022

    Oscar Rosengren
    Oscar Rosengren
    Oscar Rosengren is a student at the Swedish Defence University in Stockholm. His main focus area is the Sahel Region and West Africa. Specific interests are asymmetric threats, mainly terrorism, covert action, and cyber threats.

    Table of contents

    Subscribe

    Get the weekly email from Grey Dynamics that makes reading intel articles and reports actually enjoyable. Join our mailing list to stay in the loop for free!

    Related contents