Cyber Attack Against E-Albania and Its Social, Economic and Strategic Effects
Journal Title: Journal of Corporate Governance, Insurance, and Risk Management - Year 2022, Vol 9, Issue 2
Abstract
Purpose: During last years, even because of pandemic situation caused by covid-19 virus, in Albania most of governmental public services for citizens, businesses and other customers were offered in an electronic way by creating a national database (e-Albania), offering more than 2200 services. As this electronic system was newly implemented, time after time it was attacked from hackers in different sectors of services, causing the interruption of service for hours, downloading all the confidential information and publishing them. After several partial attacks, in July 2022 came the general attack of the whole system, which black out the system and services for several days. Cyber actors - identifying as “HomeLand Justice” - launched a destructive cyber-attack against e-Albania which rendered websites and services unavailable. An investigation indicates cyber actors acquired initial access to the victim’s network approximately 14 months before launching the destructive cyber-attack, which included a ransomware-style file encryptor and disk wiping malware. The actors maintained continuous network access for approximately a year, periodically accessing and exfiltrating e-mail content. From late July to mid-August 2022, social media accounts associated with HomeLand Justice demonstrated a repeated pattern of advertising Albanian Government information for release, posting a poll asking respondents to select the government information to be released by HomeLand Justice, and then releasing that information - either in a .zip file or a video of a screen recording with the documents shown. This cyber-attack creates social problems, economical loss and influenced negatively in the reputation of e-Albania and damage as well strategically the country and development of this sector in the future. Methodology: We have monitored the system and the attack, and we continue to do this. We analyze and synthesis the data collected, to come to conclusions and recommendations needed for the future. All the data which we have used are open for public, and mostly are primary data. The research method combines both quantitative and qualitative methods, but it is closer with qualitative method, as far as there in not enough data for using e pure quantitative analysis. We have used mostly the descriptive method. Results/Findings: Improving essentially the cyber infrastructure to avoid in the future such attacks with high social, economic and strategical cost. Conclusions: In the institution there was not a team for Cyber Security Monitoring the system, so called SOC (Security Operation Center), who controls in the real time all the logins. It was missing as well so called “Identifying Behavior”. There was not e separation of active directory, in physic machines and virtual machines, they were altogether. As the administrator had Full Right Privilege, the hacker doesn’t need to create a Privilege Escalation Vertical, so he easily took all the right of Admin. Originality and Practical Implications: The paper is original; it has not been previously published and it is not under consideration by any other publisher. The originality of the method stands in the fact that it is the first case in the world in information age, that a country (a whole electronic system, e-Albania), face a such complex, well organized and hard cyber-attack, which collapse the system for several days. All the data are authentic ones.
Authors and Affiliations
Aleksander Biberaj, Enida Sheme, Alban Rakipi, Sonila Xhaferllari, Renalda Kushe, Mirjeta Alinci
Keywords
Related Articles
- EP ID EP732690
- DOI https://doi.org/10.56578/jcgirm090204
- Views 76
- Downloads 0
Exploring the Causal Linkage Between Foreign Equity Investments and BIST 100 Index
This study examines the interrelation between foreign equity investments (FEIs) and the BIST 100 index, a pivotal indicator of the Turkish economy's overall performance. Given Turkey's emergence as a market with consider...
Overcoming Barriers to E-Accounting Adoption: A Survey of Accountants in Turkey
In recent years, advances in digital technology have rapidly permeated various business sectors and functions, leading to the digital transformation of numerous traditional paper-based accounting processes. Consequently,...
The Impact of Managerial Sustainability and Ethics on Corporate Success
This investigation underscores the pivotal role of managerial sustainability and ethical practices in enhancing corporate success. Utilizing a comprehensive approach, the study amalgamates, interprets, and exemplifies pe...
The Influence of National Economic and Financial Systems on the Performance of Initial Coin Offerings
The rapid emergence of blockchain technology has facilitated the rise of Initial Coin Offerings (ICOs), offering an innovative approach to raising capital for startups and entrepreneurial ventures. Unlike conventional fi...
Impact of Governance Mechanisms on Agency Costs in CAC 40 Listed Firms: An Empirical Analysis (2005-2023)
This empirical investigation examines the influence of corporate governance mechanisms on agency costs among firms listed on the CAC 40 index from 2005 to 2023. Agency costs were evaluated using three proxies: asset turn...