Albanian government services suffer ‘massive’ cyber attack

Albanians were unable to use scores of government services on Monday as a cyber attack caused the main servers of the National Agency for Information Society to go down only a few months after shifting most public sector services to an online portal.

“Albania is under a massive cybernetic attack that has never happened before. This criminal cyber-attack was synchronised… from outside Albania,” the Council of Ministers said in a press release.

The "wide and complex" attack began on Friday and targeted government infrastructure and other public online services and rendered them functionless, the government added. 

The author of the attack was not identified, although the statement said the method used by the hackers was identical to the last year’s attacks on Belgium, Germany, Lithuania, Malta, the Netherlands and Ukraine.

Albanian authorities have assured that all citizens' data stored on the government's website is "safe and intact", and report to be working with experts from Microsoft and the US-based Jones Group International to solve the situation “and bring it back to normalcy.”

Until the threat has passed, many public services will remain unavailable, although the most vital ones, such as online tax filing, are still working, as they use separate servers.

Sali Berisha, a former PM and opposition leader, blamed the ineptitude of the government for the meltdown, pointing out that the government had concentrated too many services in the AKSHI without proper protection.

“How did it happen that the government ordered almost all important services to go through this website?’ he asked. “How can such initiatives be undertaken while no professional policing against cyber crime is yet in place?” 

The cyber attack occurred not long after the government of Albanian Prime Minister Edi Rama closed desk services for the population and ordered mandatory use of its online services for everything from enrolling in school to obtaining an ISBN number for a new book at the National Library.

As a result, several government services including Parliament, the Prime Minister’s Office, and the e-government gateway used by businesses and citizens are hosted on the government network and were sent offline, as a preventative measure

Over the last couple of years, there has been a significant surge in cyber attacks, which, when they are targeted at public administrations, can have significant consequences. 

"Governments are at outsized risk from cyber attack, both from cyber criminals as well as geopolitical adversaries," said Chris Clements, vice president of solutions architecture at Cerberus Sentinel. "Government systems and networks can lag in cyber-security best practices and promptness and thoroughness of patching compared to private organisations.  This makes them softer targets for cyber criminals looking for an extortion payday through ransomware and mass-scale data theft as well as hostile foreign nation states looking to disrupt their target's operation."

However, despite the large impact that these attacks can have on the population, experts point out that these are often less sophisticated than would be expected and can be boiled down to a few key issues such as misconfigurations, poor passwords being exploited, unpatched software, or a malicious or non-malicious insider making unauthorised changes. 

"Governments need to protect their data not just with enhanced perimeter security but with data-centric security such as tokenisation applied directly to that data," said Erfan Shadabi, a cyber-security expert at comforte AG. "Implementing a Zero Trust philosophy, supported by more data-centric protection methods, can really help in the long run to head off disasters such as the one the Albanian government is facing."

Whatever the root cause, the Albanian government has decided not to take any chances by shutting down all government services managed through the National Agency for Information Society, a decision that some have cast doubts upon, considering it to be too extreme. 

"While this is one response, organisations and nations need to weigh up the risks of taking down online services. For many citizens, many services are only accessible online, and taking down of services can leave them out in the dark,” said Javvad Malik, lead security awareness advocate at KnowBe4.