On the night of July 15, 2020, the Balkan nation of North Macedonia was anxiously awaiting the preliminary

On the night of July 15, 2020, the Balkan nation of North Macedonia was anxiously awaiting the preliminary results of its parliamentary election. Soon after the polls closed, in what was first believed to be a minor technical glitch, the website of the State Election Commission went down.
The polling results were nowhere to be found on the website in the next several hours, as the commission resorted to manually announcing the latest updates on a makeshift YouTube channel. And things didn’t get any better in the late hours of the night.
That night, the country suffered the biggest cyberattack in its history. The website of the electoral commission stayed down for the next few days, recovering from a full-scale distributed denial-of-service (DDoS) attack that paralyzed its functions, as thousands of IP addresses targeted the site. Months later, the authorities’ probe into the matter has yet to produce any findings about who might have been behind the attack.

https://sespas.es/nit/nty/video-roza-eiba-eivo-04.html
https://sespas.es/nit/nty/video-roza-eiba-eivo-05.html
https://sespas.es/nit/nty/video-roza-eiba-eivo-06.html
https://sespas.es/nit/nty/video-roza-eiba-eivo-08.html
https://sespas.es/nit/nty/video-yano-hara-01.html
https://sespas.es/nit/nty/video-yano-hara-02.html
https://sespas.es/nit/nty/video-yano-hara-03.html
https://sespas.es/nit/nty/video-yano-hara-04.html
https://sespas.es/nit/nty/video-yano-hara-05.html
https://sespas.es/nit/nty/video-yano-hara-06.html
https://sespas.es/nit/nty/video-Yec-Valn-vivo-01.html
https://sespas.es/nit/nty/video-Yec-Valn-vivo-02.html
https://sespas.es/nit/nty/video-Yec-Valn-vivo-03.html
https://sespas.es/nit/nty/video-Yec-Valn-vivo-04.html
https://sespas.es/nit/nty/video-Yec-Valn-vivo-05.html

https://www.facebook.com/CFP-National-Championship-2021-Live-Stream-101770291885594/
https://www.facebook.com/cfpnationalchampionshiplives/
https://twitter.com/i/events/1347185469243576320
https://twitter.com/i/events/1347188993310433284
https://twitter.com/i/events/1347189575882444808

While authorities claimed that the cyberattack did not have any serious consequences on the election process and the results themselves, it managed to highlight how fragile the IT systems of government institutions in the country are. A few weeks later, hackers also targeted several ministries, again demonstrating the urgent need for better cybersecurity measures.
The lack of expertise among the staff, insufficient financial resources, and the overall neglect of officials when it comes to the topic of cyberdefense are among the main issues plaguing state institutions across the region. It’s not only North Macedonia; many other countries in the region just aren’t doing enough when it comes to having strong cyberdefense systems. And in most cases, individuals prove to be the weakest link because they have not been trained and educated on how to defend against such attacks.
In March 2020, North Macedonia became NATO’s newest member. Looking to boost its overall defense capabilities, the country is now also putting its hopes on NATO’s assets and expertise when it comes to improving its cybersecurity.
However, during the last few years, NATO member states across the region have also been hit hard by various cyberattacks. In 2019, neighboring Bulgaria suffered the largest theft of personal data in the region, after its National Revenue Agency was hacked. More than 5 million Bulgarians have had their personal data exposed, and the hacked database was shared on various hacking forums.
Authorities charged a 20-year-old Bulgarian cybersecurity expert for the hack, although the motives behind it remained unclear. The attack illustrated just how weak cybersecurity practices at Bulgarian government institutions were.
With the country currently in a political turmoil and facing its next parliamentary elections in March 2021, the cyberattack on the National Revenue Agency could also serve as a warning of what’s about to come.
Apart from ransomware attacks, DDoS and malware attacks are some of the most common tools that hackers have been using to target state institutions. In most cases, the damage that these types of attacks can do could be very expensive.
“DDoS are one of the most common hacker attacks … due to the fact they are relatively simple and inexpensive to implement, compared to other types of attacks,” said Ljubica Pendaroska, a Skopje-based privacy and data protection expert.
“But the potential harm that they can do could be worth millions-counted in lost earnings, compromised systems, creating distrust in institutions, data theft, and the like.”
According to Pendaroska, such threats should constantly keep state institutions on alert and maintain an institutional awareness of the need for highly organized and functional protection systems.
The motives for these cyberattacks can vary. For some, as is the case with ransomware attacks, the gains could be purely financial. Others, however, might have more malicious intentions.
Montenegro, a NATO member since 2017 and an EU hopeful, held elections at the end of August. Fearing a reprisal of meddling attempts like the one that the Balkan country suffered in 2016, when a Russia-backed attempted coup took place, Montenegrin authorities held a joint mission with cybersecurity experts from the United States toward the end of 2019.
The mission aimed to prepare both sides for any possible Russian hacking attempts that could target the election processes in the two countries. However, as a recent suspected Russian hacking attack on U.S. government agencies showed, this might not be such an easy task-no matter how developed or technologically advanced a country might be.
“This was a cunning cyber-espionage campaign that was very hard to detect. It reveals that the U.S. government needs to enhance its cyberdefenses,” said Bilyana Lilly, an assistant policy researcher at Rand Corp.
Even if the U.S. government itself remains vulnerable, Washington is a cyberpower that can aid smaller countries. Various U.S. agencies can assist Bulgaria, Romania, North Macedonia, and other U.S. partners in the region, and they have done so on multiple occasions, Lilly explained.
In the Balkans, a region known for its political and economic instability, cyberattacks on state institutions could be used to fuel tensions among the many countries that have ongoing disputes, which could in turn have political and economic consequences.
Cyberwar missions like the one that the United States and Montenegro had last year can be particularly helpful, especially at a time when these cyberattacks are also becoming more advanced and harder to predict.
“The institutional mind cannot think like the criminal alone, and, unfortunately, hackers are often one step ahead of the system,” Pendaroska argued.