Fresh cyber attacks in North Macedonia, this time targeting the health and education ministries, are spurring calls for more sophisticated cyber protection.
Last week’s attacks took down the websites of both ministries and were claimed by the hacker group ‘Anonopsmkd’, which previously took responsibility for a July 15 attack on the country’s most popular news aggregator TIME.mk.
The denial of service attack on TIME.mk, which involved more than 35 million addresses that generated thousands of clicks per seconds, coincided with a closely-fought parliamentary election in North Macedonia when the State Electoral Commission was also targeted.
In an interview last week, Anonopsmkd denied hitting the electoral commission, but it has warned that law enforcement structures in North Macedonia are its next target, spurring calls for greater protection of state bodies in the newest member of NATO.
“There should be a single protection system that would cover all government electronic services including agencies, ministries, local governments, and any legal entity or state body,” said Skopje-based cybersecurity consultant Mane Piperevski.
“This can be achieved by having a state-level Security Operation Centre with mixed ownership (51:49 in favour of the state),” Piperevski told BIRN. “The joint protection system would be under the leadership of the company that would be in charge of this Security Operation Centre.”
Hackers obstruct election result announcement
Piperevski said such a model had been implemented in a number of European Union countries.
“There is a quality staff within the government bodies that is ready to respond to such challenges,” he said. “The only problem, however, is with politics and priorities of the work in the institutions.”
Privacy and data protection expert Ljubica Pendaroska said the protection system should be multi-layered, “in order to make to make it as hard as possible for the hackers, and thus increase the protection of information and especially the personal data of citizens.”
“It is necessary for the institutions to have a developed and functional team and a procedure for rapid intervention and response in the case of an attack,” Pendaroska told BIRN.
An investigation conducted by the Ministry of Interior concluded that the electoral commission had been the target of a denial of service or DDoS attack which blocked publication of the preliminary results. The Commission website was out of action for several days.
“The investigation of this case continues in order to determine the IP addresses from where the attack was carried out, and for additional information to be collected to determine the perpetrator of this attack,” the ministry said.
National cybersecurity body has met only once
A spate of cyber attacks on state bodies in North Macedonia over the past few months has raised fears over the safety of its IT system, a concern for NATO too since the country joined the Western military alliance in March this year.
As BIRN reported in May, several cyberattacks in a short period of time exposed gaps in how North Macedonia’s authorities are dealing with cybersecurity issues.
In one security breach two months ago, a Greek hacker group calling itself ‘Powerful Greek Army’ leaked dozens of email addresses and passwords from staffers in North Macedonia’s ministries of finance and economy. Authorities are yet to determine how exactly the attack happened.
Last year, North Macedonia formed a National Council for Cyber Security, bringing together the ministers of interior, defence and information society. But it has so far met only once.
NATO member countries bear primary responsibility for their national cyber defences, but the alliance does provide expert support and has rapid reaction teams it can deploy in emergencies.
“NATO cyber experts can offer support and share information with Allies in real-time, including through our Malware Information Sharing Platform,” a NATO official told BIRN in an emailed response. “NATO has cyber rapid reaction teams on standby to assist Allies 24 hours a day, and our Cyberspace Operations Centre is operational.”
“NATO also invests in training, education and exercises which improve the skills of national cyber experts. Any attempts to interfere with democratic elections, including through hacking, are unacceptable, so we must remain vigilant.”
North Macedonia hackers target British pop stars
A hacker group from North Macedonia has claimed to have taken down the websites of British pop stars Dua Lipa and Rita Ora.
The attacks happened amid a row that erupted this month when Lipa, whose parents were born in majority-Albanian Kosovo, posted on social media a map of ‘Greater Albania’.
Ora, who was born in Kosovo but moved to Britain as a child, voiced her support for Lipa and called for Kosovo – which declared independence from Serbia in 2008 – to appear on Apple Maps.
AnonOpsMKD claimed responsibility for the attacks.