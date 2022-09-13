A wave of cyberattacks targeting governments of four western Balkan nations has crippled official websites and utility services and even led to a diplomatic spat between Albania and Iran in what is seen as a coordinated strike on NATO members.

Montenegro faced the worst of the online war that disrupted government services and prompted the country’s electrical utility to switch to manual control. The government was forced to seek the help of the US, which quickly sent a team of FBI cyber experts to investigate the massive, coordinated attacks.

Albania, which has been facing a series of cyberattacks since July 15, reported the latest such digital intrusion on September 10 when hackers targeted its TIMS system, which regulates the entry and exit of individuals from the country and forms the core of its border control.

Milan Stefanoski, a security management expert and vice president of the Skopje-based Association for Corporate Security, an NGO, was quoted as saying that the Balkan region was facing “a special Internet war of sorts”.

Iran angle

In mid-July, Albanian Prime Minister Edi Rama blamed four hacker groups linked to Iran for a malicious targeting of its e-Albania platform that forced the Ministry of Education and Sports to postpone the deadline for registration of primary school pupils for an unspecified period of time.

The Ministry of Internal Affairs of Albania was also forced to reopen its offices of the civil registry for some time.

Relations between Albania and Iran nosedived in 2014, when the Balkan country gave sanctuary to about 3,000 members of the exiled opposition group People's Mojahedin Organization of Iran. The group have since settled in a camp near Durres, Albania main port.

On September 7, Tirana cut off diplomatic ties with Tehran and ordered all Iranian diplomats and embassy staff to leave within 24 hours. The decision was taken after a joint probe with the US blamed Iran for the series of cyberattacks.

Rama justified “this extreme response” as “fully proportionate to the gravity and risk of the cyberattack that threatened to paralyse public services, erase digital systems and hack into state records, steal government intranet electronic communication and stir chaos and insecurity in the country.”

Montenegro under siege

The most sophisticated and sustained cyberattack in recent times was unleashed on Montenegro with a hacker group called the ‘Ransomware Cuba’ blamed for the targeting of the country’s digital infrastructure.

Montenegrin authorities emphasised that these attacks, which began in August, consisted of a combination of several different methods, including ransomware and denial-of-service.