The Albanian government's websites were knocked out for hours in July. The Kremlin might seem to be the most likely suspect. According to research published on Thursday, the attack was caused by Iran. Mandiant researchers said that a disruptive attack from Iran on a NATO member is a noteworthy escalation.
The World Summit of Free Iran is scheduled to take place in the town of Manz in western Albania on July 23 and 24. The summit was affiliated with the People's Mojahedin Organization of Iran. The conference was canceled the day before it was scheduled to start because of threats.
According to Mandiant researchers, attackers may have used a previously unknown back door, called Chimneysweep, as well as a new strain of the Zeroclear wipers. Mandiant says that activity from actors claiming to be responsible for the attacks on Telegram all point to Iran.
Mandiant's vice president of intelligence says that this is an aggressive step. Iran is involved in espionage all over the world. This isn't espionage, that's the difference The lives of Albanians living within the NATO alliance are affected by these disruptive attacks. It was a coercive attack to get the government's attention.
Iran has conducted aggressive hacking campaigns in the Middle East and particularly in Israel, and has penetrated and probed manufacturing, supply, and critical infrastructure organizations. Iranian hackers were working to gain access to networks related to transportation, health care, and public health entities, according to warnings from the US and Australian governments. According to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, the Iranian government-sponsored actors can leverage this access for follow-on operations.
Tehran has limited how far it has gone in its attacks, mostly due to the fact that it keeps to data. Efforts to meddle in foreign elections, including targeting the US, have been part of the country's activities.
In the Middle East, Iran has always been aggressive, but outside of the region, they have been more restrained. They might be more willing to leverage their capability outside of the region. The fact that they target NATO states suggests to me that the deterrents we have against them may not exist at all.
With Iran claiming that it now has the ability to produce nuclear warheads, and representatives from the country meeting with US officials in Vienna about a possible revival of the 2015 nuclear deal between the countries, any signal about Iran's possible intentions and risk tolerance is significant.