Iranian hackers, one of the threat groups behind a cyber-disruptive attack on the Albanian government in July, had around 14 hackers lurking within its systems, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) said. month long. Gained initial access to the victim’s network, which included ransomware-style file encryptors and disk-wiping malware.
The malicious actors behind the attack, collectively referred to by the FBI as an Iranian-backed threat group dubbed Homeland Justice, attacked the Albanian government in July 2022, 14 months after the initial intrusion, destroying the multiple websites and services.
This month, Iranian state hackers launched a new series of cyberattacks against the Albanian government, using tactics and methods similar to those in July. The joint announcement provides more technical details about HomeLand Justice’s malicious activities within Albanian government networks, including the use of compromised Microsoft Exchange accounts to find and leak credentials and large amounts of data.
Albania cuts diplomatic ties with Iran over cyber attack
After the July attack, Albanian Prime Minister Edi Rama said the entire staff of the Iranian embassy had been asked to leave the country within 24 hours. The decision comes after Albania blamed Iranian state hackers for the July attack.
The U.S. government also blamed Iran for attacking Albania in July and said the country would be responsible for threatening the security of NATO allies.
Homeland Justice claimed the attack on July 18 and leaked information stolen from Albanian government networks between late July and mid-August.
“These may be in retaliation for publicly blaming the July cyberattack and severing diplomatic ties between Albania and Iran,” the two agencies added today.
Back in July 2021, U.S. President Joe Biden warned that cyberattacks that led to serious security breaches could also lead to “real gunfights.” Biden’s remarks come a month after NATO issued a statement in mid-June 2021 that a cyberattack could be equated to an “armed attack” in certain circumstances.
National cybersecurity disputes are becoming increasingly common. In this day and age, knowledge is a person’s and an organization’s most valuable asset. There will be no privacy if a person loses information, and losing information is the beginning of an organization’s collapse. The best approach to secure information and data is to conduct disaster recovery backups. Virtual machine backup, such as VMware Backup, Xenserver Backup, oVirt Backup, and so on, is currently the most convenient backup option.