Report: A rise in cyberattacks in Balkans as more systems use biometrics and digital IDs

New report from BIRN shows a surge in cyberattacks, particularly phishing and ransomware in the Balkans.

 Body Part, Finger, Hand, Person, Baby, Contact Lens

A new report, Battle for Balkan Cybersecurity: Threats and Implications of Biometrics and Digital Identity from the Balkan Investigative Journalism Network (BIRN), shows a surge in cyberattacks with the growing use of biometrics and digital identity systems (BDI). According to the report, a key regional trend is a growing reliance on biometrics and digital identity in online banking, e-government services, and border control.

However, implementing BDI causes concerns about protecting individuals’ privacy, data and the potential misuse of personal information. To gain insight into the state of BDI and cybersecurity threats in the Balkan region, BIRN mapped 40 incidents between 2020 and 2023 across Albania, Bosnia and Herzegovina, North Macedonia, Kosovo and Serbia, resulting in significant data breaches. The attacks included ransomware, phishing, data hacking and other cyberattacks. The research shows a prevalence of cyberattacks against critical online infrastructure, services and computers and primary targets are the public sector, banks and individual citizens.

In North Macedonia, many websites fall prey to hacking, especially phishing, leading to severe consequences, such as in the case of the Health Insurance Fund that was hacked in February 2023 and had to cease its operations for several weeks. In Kosovo, the leading type of attack is password theft from social networks, while public institutions are often targeted with phishing. In Bosnia and Herzegovina, ransomware and phishing attacks are most prevalent, and a ransomware attack rendered the national parliament’s website and computers inaccessible for over two weeks. In Albania, even the government’s centralised e-services system was breached. Similar attacks were reported in Serbia, where it was also found that communication between institutions and the National CERT needs to improve, as public and governmental bodies and companies often do not inform the authorities of incidents.