Western Balkans: Emerging Cyber Threats – Cybersecurity Ecosystem Report

Regional cybersecurity stakeholders do not regard the Western Balkans as primary target of any particular threat actor. Instead, attacks and incidents are perceived as collateral damage of attacks aimed at other primary targets. Additionally, stakeholders have not identified any region-specific malicious actors, or cybersecurity developments however, this does not discount the possibility of a more regional dimension to cyber threats emerging in the near future, given the pace of digitalisation and geopolitical developments.

These are some of the main findings of the Cybersecurity Ecosystem Report, which maps cyber threats in the Western Balkans, identifying key risks, threats, incident and attack types, and, where possible, threat actors. Commissioned by the UK Government, the Report has been prepared jointly by PwC, focusing on the global and regional threat landscape, and the ISAC Fund, providing the geopolitical context for each of the Western Balkan economies (Albania, Bosnia and Herzegovina, Kosovo, Montenegro, North Macedonia and Serbia).

The Report shows that the cybersecurity threats faced by Western Balkan economies generally mirror global threats. Ongoing increases in digital activity, accelerated by the global pandemic, have led to greater numbers of incident reports received by national authorities. Increasingly, smaller actors such as small and medium enterprises, media actors and civil society organisations are also encountering cyber threats. Attacks are becoming more sophisticated, with better tailoring of malicious content to local languages and context. Currently, cyber-crime is seen as the main threat, with malware, phishing, ransomware and, to an extent, Distributed Denial of Service (DDoS) as the most common attack types.

The Report also provides recommendations on the actions to be taken with a view to fostering greater cyber resilience in the Western Balkans.