САЈБЕР НАПАДИ КАО СТРАТЕГИЈСКИ ИНСТРУМЕНТ СПОЉНЕ ПОЛИТИКЕ: ЗАПАДНИ БАЛКАН У ЕРИ ХИБРИДНОГ РАТА
CYBERATTACKS AS A STRATEGIC INSTRUMENT OF FOREIGN POLICY: THE WESTERN BALKANS IN THE ERA OF HYBRID WARFARE

Author(s): Aleksandar Bogićević M.
Subject(s): Politics / Political Sciences, Politics, Security and defense, Military policy, ICT Information and Communications Technologies, Geopolitics
Published by: Institut za strategijska istraživanja
Keywords: cyber warfare; hybrid warfare; foreign policy; cybersecurity; Western Balkans
Summary/Abstract: Raising tensions between the United States, the dominant power in the existing international order, and its challengers, mainly China, Russia, and Iran, deteriorated the stability of the global order and, consequently, international security. The role of cyber threats in fostering such an unsafe atmosphere is constantly increasing. They become increasingly common among states, inflicting damage to other actors and influencing their political decision-making processes. The lack of conclusive evidence about perpetrators of cyberattacks and the possibility of denying and deflecting responsibility for them make cyberspace an ideal place for state and non-state actors to focus on conducting operations in a „grey area”. An additional challenge for European states was created with the beginning of the war in Ukraine, starting a new phase in cyberspace war, characterised by an increasing number of attacks and sophistication. To increase their capacity for conducting cyber operations while maintaining the possibility of denying responsibility for them, the growing importance in cyberspace is given to hacker groups that cooperate to some extent with states, thereby taking on the role of cyber proxies. Such a complex and increasingly unstable international order also affects the Western Balkans states, which are alarmingly exposed to sophisticated cyberattacks from foreign actors to which they cannot respond. The reasons behind these attacks can be linked to the foreign policies and positions of these states on significant international issues, including backing the Iranian opposition, preserving military and political neutrality, and aiding Ukraine’s war efforts. These attacks, which focus on critical infrastructure such as state institutions, state-owned enterprises, and citizens’ data, pose a significant security risk to the entire society, underscoring the urgent need for enhanced cybersecurity measures. This paper aims to identify and analyse the strategic utilisation of cyberattacks by other states, primarily great powers, focusing on implications for the Western Balkans states. After the beginning of the war in Ukraine in February 2022, several sophisticated cyberattacks by non-state cyber proxy actors aimed at the Western Balkan countries did severe damage to government institutions in several cases (Montenegro, Albania, and North Macedonia, especially), while Serbia was hit with a combination of attacks on institutions and state enterprises. In all cases, attacks interrupted the work of institutions (in the case of Montenegro, for several months), leaked undisclosed state documents (as in Albania and Serbia) or endangered citizens’ data. These attacks have shown several important trends in global cybersecurity: first, cyberattacks became a popular option for „punishing „states for their political stances on specific questions; second, everybody can be a potential target, so everybody must be vigilant and ready for defence; and last, trying to punish perpetrators of attacks is almost impossible, particularly if we take into account the fact that attackers are cyber proxies under the protection of other governments, giving them immunity from persecution. Because retaliation is impossible, the Western Balkan states must find different solutions to upgrade their cyber defence. The template for conducting a strong defence in cyberspace can be seen in Ukraine, which survived for more than three years in the digital space, despite powerful Russian cyberattacks. Building international cooperation with state and non-state actors could represent a key element of defence in the digital world. Besides, building internal capacities by raising awareness through education must become a crucial aspect of cyber defence, particularly when most attacks target individuals as the weakest link in the cyber defence network. No indicator suggests that the future will bring fewer attacks by cyber proxies, especially with the introduction of artificial intelligence, so countries must be prepared for an even more unstable cyber world and more sophisticated cyber threats.

• Details
• Contents