Abazi: The cyber-attack in Albania was supported by the Government of Iran, this will only be the beginning

The cyber-attack that happened in Albania was planned and supported by the Government of Iran and that this is only the beginning.

This is what the cyber expert Tanzer Abazi says in an interview for The Geopost, adding that the concern about these attacks has been raised since the start of the Russian military aggression in Ukraine.

“We have raised the concern of cyber-attacks since the beginning of the Ukraine-Russia war, where we have seen a trend that different allies are being created that are supporting both sides. Russia has built its own allies, which have been Iran, China and so on, I’m talking about the cyber aspect”, says Abazi.

According to him, there is already a tendency to increase these cyber-attacks.

“Since then, there has been an increased tendency of cyber-attacks to happen in each country and not far away we had the case in Albania, where it was the target of hacker attacks sponsored by Iran”, he adds.

Abazi emphasizes that the cyber-attacks in Kosovo were aimed at stopping services.

“With what happened in Kosovo, there was a tendency to stop the services of public institutions, that type of attack does not mean that it comes from the states even though the traffic was generated by Russia, China, Iran, but it does not necessarily mean that they are actors who are planned together to cooperate to attack the institutions, there may have been someone here who bought such a service and generates traffic from there”, emphasizes Abazi.

In the end, the security expert says that they often cannot cope with the attacks that come, as was the case with Albania.

“I don’t want to say that they are not capable, but they don’t have a lot of decision-making in their hands about what they need to buy, they don’t have a budget where they want to direct them, and so on, and these bring their own challenges that we are not able to sometimes to face these kinds of attacks that are coming to us, which I can’t say are very advanced attacks compared to the ones that happened in Albania”, he concludes.

Full interview

The Geopost: How much are the Balkans and Kosovo at risk of cyber-attacks and from which countries are they mostly attacked?

We have raised the concern of cyber-attacks since the beginning of the Ukraine-Russia war, where we have seen a trend that different allies are being created that are supporting both sides, Russia has built its allies which have been Iran, China and so on, I am talking in the cyber aspect.

While a large part of the world, including our country and the United States of America, also the “Anonymous” Group, which is a group of international hackers, has supported Ukraine in this war.

Since then, there has been an increased trend of cyber-attacks occurring in each country, and not far away we had the case in Albania, where Albania was the target of hacker attacks sponsored by Iran. Even Kosovo had a series of attacks on all institutions, on internet service providers, even on private businesses and the media.

The Geopost: How serious was the attack that you mentioned by Iran and are there expected to be other attacks, not only in Albania but also in Kosovo?

This is just the beginning, I believe there will be trends and cyber-attacks will increase with the digitization of all these services, this trend is growing. What Iran did was something planned by the state and the hackers were sponsored by the state, as the public reports of Microsoft are showing, which is contracted by the government of Albania for services.

They have drafted a detailed report, they have shown how they entered and stayed for nearly 10 to 12 months Inside Albania’s systems and only collected information. What happened in Albania was targeted and very planned, everything was drafted, and normally a team sponsored by the state.

While that attack differs from what happened in Kosovo, there was a tendency to stop the services of public institutions, that type of attack does not mean that it comes from the states even though the traffic was generated by Russia, by China, by Iran, but it does not necessarily mean that they are actors who are planned together to cooperate to attack the institutions, there may have been someone here who bought such a service and generates traffic from there.

The Geopost: In Kosovo, there are many individuals who work for large western IT companies, how much capacity does Kosovo have to bring together all these experts, like you, to counter this very dangerous phenomenon?

We have continuously since 2013 tried to gather this community together, to be together with one language, to cooperate, and we have held several competitions that we have called “The day when hacking is legal”, we have tested their skills and we have tried to expose these people to state institutions and businesses to engage them.

This year we have the 7th edition of this competition, where the American embassy allocated 20,000 US dollars to these young people to help the media to identify weaknesses. We have a lot of talented people, and we have developed this talent, I can say after the war, when the 1999 war ended, but the cyber war continued and that talent was developed in Kosovo, but these people are being hired by western countries because of the talent they have developed and we are left without cadres here, we are left with unfilled deficit positions and we are probably left in the hands of not very skilled people who work in institutions.

I don’t want to say that they are not capable, but they don’t have a lot of decision-making in their hands about what they need to buy, they don’t have the funds where they want to orient them and so on, and these bring their own challenges that we are sometimes unable to face these types of attacks that are coming to us, which I cannot say are very advanced attacks compared to those that have happened in Albania.

The Geopost: Your message as an expert, how to protect ourselves from these attacks?

Protect yourself from these attacks, turn off your computer, don’t use it, it’s a cyber-chaos around the world. We have to be careful in everything because today even big top-corporations such as Facebook, Google, Ubisoft and many other companies that have sold information on the internet are being attacked, in these cases it is a concept that we call “Zero Trust Model” that we should not trust neither technology nor people nor principles and practices.

This means that all decision-making should be taken very carefully, access to the internet in social networks as limited as possible, downloads as few as possible. I don’t want to give those general advices not to click on suspicious links, because sometimes you get a very clear link, it looks very reliable, but in fact it’s a virus, and this is the sophisticated technology, hackers are developing every day and are taking a much bigger step than the corporations are able to detect them, that’s why there is a virus that enters and stays in the systems for 365 days until an internal team detects it. /TheGeopost