Six years ago, at the Warsaw Summit, NATO Heads of State defined cyberspace as an operational dimension of NATO, land, sea and outer space. This conclusion was reached after previous agreements on the virtual environment and collective defence. As a NATO member country, Albania was involved in drafting national cyber defence policies, among them the National Strategy 2020-2025, based on the cybernetic strategy of the European Union.
While the State Police operates a modest structure known as unit C, which only has six cyber investigation experts, several other institutions, including the prosecution, were exposed as fragile. The National Authority for Electronic Certification and Cybersecurity, in cooperation with the National Agency of the Information Society (NAIS), is identified with a coordinating role. However, in the national strategy until 2025, it is acknowledged, “currently it is observed that the necessary means to obtain and create cyber intelligence, using human and logistical resources necessary to exercise law enforcement activity, are missing”.
On the website, Cesk.gov.al, which is the institution that guarantees cyber security measures at the national level, the alert for possible attacks was warned in June 2022, when an Italian cyber security incident response team notified about known possible virtual attacks such as DDoS (distributed denial-of-service). “There continue to be signs and threats of possible imminent attacks against national public entities, private entities that provide public services or private entities whose image is identified with the state of Italy,” explains the warning published for Albania as well. The signals were posts from the Killnet group’s Telegram channel, promoting “massive and unprecedented” attacks against Italy. This warning, which was published as a precautionary measure, came shortly after a meeting between the Balkan countries called by the National Authority for Electronic Certification and Cyber Security, which was held in our country during the summer and where the region’s best experts on the virtual environment exchange information about potential risks.
However, it wasn’t long before online government services were attacked and temporarily taken out of action. Prime Minister Edi Rama said that this was an attack organised by a state and that it was not a matter of hackers. This time too, the request for help from foreigners and partners was inevitable. The attack against NAIS brought investigations for four criminal offences, which have not yet been finalised. The assistance of the Microsoft DART team (Detection and Response Team) and the partners of “Jones Group International” for the restoration of online services was also noted. But that was the least of the damage.
On September 9, the cyber attack hit equipment managed by the Ministry of the Interior, also affecting the TIMS system, part of the Albanian police. The General Prosecutor’s Office officially announced that posting data such as those that flooded after the email of the former director general of the police was hacked harms national security. For this reason, with a particular decision, the media were ordered not to publish the police data that the hackers published. But again, the authorities, with the help of internationals, are trying to minimise the damage that the Homeland Justice group did, entering the system that should have maximum security. It has been admitted that Iranian hackers, the same ones who hacked NAIS, the institution that owns all official government websites in the country, are carrying out this cyber attack.
Anila Hoxha is a journalist who reports on issues of justice and organised crime. This article is republished with permission from Okruzenje