The Albanian government has been hit with a “massive cyber-attack,” forcing its websites offline.
In a statement shared with local news outlets, the government blamed the incident on a synchronized “attack from abroad.” The press release continued: “In order to not allow this attack to damage our information system, the National Agency of Information Society had temporarily shut down online services and other government websites.”
The government also emphasized that all citizens’ data stored on its website is “safe and intact.”
It did not suggest who may have been behind the attack but noted that “the methods used by these malicious actors are similar to last year’s attacks observed in the international cyberspace.”
A number of Albanian government websites appear to still be offline, including its parliament and prime minister’s office.
NetBlocks, which tracks internet outages around the world, tweeted that service was first cut on Saturday night, around 9 pm local time. It stated: “Confirmed: # Albania’s National Agency for Information Society (AKSHI) network has been temporarily shut down to counter a major cyberattack; real-time network data show service cut for hours beginning Saturday night, impacting online government services.”
The Albanian government added that it is working with experts from Microsoft and the US-based Jones Group International to solve the situation “and bring it back to normalcy.”
There have been suggestions in local media agencies that Russia could be behind the attack, potentially linked to the EU opening accession talks with Albania and North Macedonia today. Oliver Pinson-Roxburgh, CEO of Defense.com, commented: “The large-scale cyber-attack that took down the Albanian government’s digital services illustrates the high stakes at play in our digital and connected world. While we have seen independent hacking groups targeting the IT infrastructure of nations in the past, it is unusual that an autonomous group would be able to operate on this scale. Nation-state actors, on the other hand, certainly have the capabilities to target and unsettle the digital operations of other countries. As disruption appears to be the ambition of this incident, rather than financial gain, a nation-state actor appears the most likely culprit for this attack.”
However, Todd Carroll, CISO at CybelAngel, believes the Albanian government could be a tempting target for multiple threat actors: “Albania has a history of data security issues that are only exacerbated by the over-collection of its citizen’s data, compared with those countries subject to EU standards. So, it is not surprising that they are under attack. Once you lose access to your data, you lose the ability to determine ‘how access was gained’ and ‘what was accessed or is being accessed.’”
In December 2021, prime minister of Albania issued a public apology after the personal data of hundreds of thousands of Albanian citizens was allegedly leaked online.