The cyberattack was the work of “the same attackers” who carried out the July hack, Albanian Prime Minister Edi Rama claimed in a tweet. The breach occurred on Friday, according to the interior ministry, and by early Saturday night, the ministry said it expected to restore all aspects of TIMS soon.
The incident poses a new challenge for the Biden administration, which this week vowed to “hold Iran accountable for actions that threaten the security of a US ally” and NATO member after the July cyber attack.
The Treasury Department on Friday sanctioned Iran’s spy agency for allegedly carrying out the July hack, which knocked some Albanian government services offline and left the Albanian government scrambling to recover. The White House said US officials had been on the ground for weeks helping. Albania has severed diplomatic relations with Iran in what may be the first case of piracy that has caused ties between the countries to be severed.
The July hacking took place ahead of a conference in Albania to be attended by members of the MEK, an Iranian group that supports the overthrow of the Iranian government and which Tehran considers a terrorist organization.
“We strongly condemn such malicious cyber activities designed to destabilize and harm the security of an Ally and disrupt the daily lives of civilians,” NATO members said in a statement on Thursday.
In response, Iran’s embassy in Brussels on Friday “rejected baseless accusations” that Iran was behind the July hack.
A spokesman for Iran’s Permanent Mission to the United Nations did not immediately respond to a request for comment on Saturday about the latest hacking incident.
The US government in 2007 helped Albania, an ally in the Bush administration’s self-proclaimed “war on terror,” develop TIMS hardware and software systems for immigration processing, according to an archived State Department page.
CNN has sought comment from the White House National Security Council.
NATO Secretary General Jens Stoltenberg said a cyber attack could trigger NATO’s collective defense clause, which requires all members to defend against an attack on another member. But this principle has never been tested in practice, and it is not clear what the limit is for such a collective defense.
“Unfortunately, I wouldn’t be surprised if it was true [that Iran was behind the latest hack]John Hultquist, vice president of intelligence analysis at security firm Mandiant, which investigated the July hack, told CNN. “States like Iran do not seem to be deterred by diplomatic solutions. It’s as if the price of these incidents is finally acceptable to them.”
