American company "Microsoft" says that it has high confidence that actors sponsored by the Iranian government are behind the cyber attacks that took place in Albania on July 15 of this year that attacked the online pages of the government and public services. 

"Microsoft" estimates that in addition to the devastating cyber attack, another "actor" sponsored by the Iranian state obtained sensitive information months ago. Several online media and social media platforms were used to publish the sensitive information.

The attack, according to the "Microsoft" company, took place in four stages: Initial intervention; data theft or movement; Encryption and destruction of data as well as the final stage of publishing a part of this data. 

Microsoft says that “the actors involved in gaining initial access and stealing data are linked to EUROPIUM, which has been publicly linked to Iran's Ministry of Intelligence and Security (MOIS) and was discovered using three clusters unique activity". 

Microsoft's cyber attack detection unit was engaged at the request of the Albanian government to investigate the attack. Microsoft will continue its partnership with Albania to increase protection against such attacks in the future, it is emphasized in a statement. 

Why does the company "Microsoft" believe that the government of Iran is behind the cyber attack? 

The American company says that evidence gathered during the investigation shows that the hackers operated outside of Iran. They used the same "tools" that other known Iranian hackers had used. 

The attackers responsible for the intrusion and data extraction targeted other sectors and countries that are in line with Iranian interests. A data deletion code was previously used by a known Iranian actor. They have also used programs with the aim of blocking access to a computer system until a sum of money is paid.