Why Albania’s cyberattacks matter to the U.S.
- Sam Sabin, author of Axios Codebook

Photo: Leigh Vogel/UPI/Bloomberg via Getty Images
A senior White House official sees this week's attribution of cyberattacks against the Albanian government to Iran as a much-needed step to establish cyber diplomacy norms.
Driving the news: Earlier this week, the U.S. government and Microsoft attributed a series of destructive cyberattacks against the Albanian government to Iranian state-sponsored hackers.
- In mid-July, hackers stole data from Albanian government servers and deployed both ransomware and malware wipers against a number of government agencies and organizations, according to Microsoft.
- Albania severed diplomatic relations with Iran on Wednesday, marking the first country to sever diplomatic relations because of a cyber conflict.
- The White House's National Security Council promised further actions to "hold Iran accountable for actions that threaten the security of a U.S. ally."
What they're saying: Anne Neuberger, deputy national security adviser for cyber and emerging technology, told Axios in a statement that this attribution is an essential part of the U.S. strategy to help establish cyber norms.
- "You make rules stick through action — this has happened in the sea, air, and is happening in space," Neuberger said. "We need to bring that approach to cyberspace."
- Neuberger added that many of the international cyber norms the United Nations adopts are based on pre-existing customs, so it's important for the U.S. to clearly demonstrate what is and isn't appropriate now.
Between the lines: Attributing a cyberattack is usually the ammunition countries need to pursue tougher diplomatic measures, including economic and trade sanctions.
The intrigue: The U.S. government has become quicker at publicly attributing state-backed cyberattacks in recent years.
- In May, just three months after a cyberattack on satellite communications provider Viasat, the U.S., the U.K. and the European Union attributed it to the Russian government.
- The administration also took three months to attribute a hack of Microsoft Exchange servers to Beijing last summer.
- Compare that to the 2017 NotPetya attack, where the U.S. government took eight months to publicly pin the global malware attack affecting thousands of businesses on the Russian government.
What's next: The Senate still needs to vote on Nate Fick's nomination to run a new cyber diplomacy bureau at the State Department, which will expand on the White House's cyber norms work.
Sign up for Axios’ cybersecurity newsletter Codebook here.