BiH Still Lacks a State Cyber Team and Crucial Documents as Cyberattacks Surge

4. October 2023.14:19
Although the number of cyberattacks is increasing daily, almost no information about these attacks is to be found online, according to observations made during a panel discussion on the current state of cyber security in BiH at the Internet Governance Forum held in Sarajevo.

This post is also available in: Bosnian

Internet Governance Forum. Photo: BIRN BiH

The Cyber Security Excellence Center (CSEC) has reported more than a 70 percent increase in cyberattacks in BiH during the first eight months of this year compared to the previous period. This data was revealed in the second Report on Cyber Security Threats in BiH, which was presented during the first Internet Governance Forum held in five years.

CSEC detected 15.4 million cyberattacks through its decoy systems, according to statements made during a panel discussion on state cyber security in BiH.

“This number speaks to the alarming nature of the situation and the urgent need for a response,” said Enes Hodžić, one of the authors of the recent report compiled by CSEC and BIRN Bosnia and Herzegovina (BIRN BiH).

Hodžić explained that the cyberattacks predominantly originated from France, the United Stated, Russia, Bulgaria, and Estonia, but that attackers often use Virtual Private Networks (VPNs) to conceal their actual locations. He added that certain countries, including the US and some EU nations, have robust VPN infrastructures that attackers exploit, giving the false impression that the attacks are coming from these locations.

The report identified a shift in the cyberattacks most frequently perpetrated cyberattack. While Distributed Denial of Service (DDoS) attacks were previously the most common, the current trend is towards attempts to breach private telephone networks. These attacks can inflict substantial costs on private companies and disrupt the operations of state institutions.

In addition to data on the attacks detected using decoy systems, the report offers illustrative examples of the real impact these cyber assaults have on their victims. After being targeted in an attack, the public utility company Sarajevogas received insufficient support from law enforcement but managed to resolve the issue on their own and recover their data. The media outlet Nezavisne Novine faces constant attacks, which they believe are aimed at undermining their readership.

“The reaction of law enforcement to these attacks is minimal,” said Hodžić, stating that Nezavisne Nnovine reported numerous incidents without ever receiving a response.

Predrag Puharić, the director of CSEC, emphasized the absence of a systematic approach to cyberattack protection, stating that even if only a small fraction of the 15 million attempted attacks succeeds, the damage caused will be significant.

“The problem in Bosnia and Herzegovina is that we don’t have any exchange of information. We know what happened at a hospital in Maryland, the standard data is available. We know what methods were used. But when something happens in Bosnia and Herzegovina, we’re left in the dark,”  Puharić stated.

Sabina Baraković from the Ministry of Security described a structural change which the ministry adopted in May, the formation of the Computer Emergency Response Team (CERT) after years of waiting. However, she noted that there are still many steps and decisions to be made before the team becomes a reality.

Baraković highlighted the challenges of attracting experts to the team, given the more attractive conditions in private companies as compared to state institutions. This, coupled with bureaucratic procedures, is likely to prolong the process for months.

“Another problem is the lack of qualified staff, because you have to have a person with the right skills,” Baraković explained. She noted that BiH still doesn’t even have a list of the critical infrastructure requiring protection, including cyber space, but that efforts are underway to address this.

Jasmin Emrić, a representative in the State Parliament, said that he sees the formation of CERT as a significant step forward, despite the fact this initiative began 12 years ago. According to Emrić, state legislators are often distracted by daily politics. As a result, topics that impact citizens’ lives, such as cyber security, are rarely addressed.

Reflecting on last year’s cyberattack on the Parliamentary Assembly, Damir Dizdarević, the director of Logosoft, described it as a new-generation attack but said that there was never any report on the incident or on the lessons learned. a report on it and the lessons learned was never presented. He explained that his company assisted with recovery efforts without charge.

“The parliament didn’t have the capacity to fight back,” Dizdarević stated, expressing uncertainty as to whether a procedure to handle future attacks was established after this incident.

The report audit underscored the insecurity and vulnerability of the system, aligning with previous claims that only a fifth of the recommendations outlined in the Strategy for Information Security had been implemented.

The conclusions from the panel discussion will be presented at the upcoming Internet Governance Forum in Tokyo.

The 2023 Sarajevo Forum was jointly organized by BIRN BiH, CSEC,, the Center for the Education of Judges and Prosecutors of the Federation, the Faculty of Political Sciences in Sarajevo, and Logosoft. Support for the event was also provided by the Internet Society Foundation, the British Embassy in BiH, and the Hanns Seidel Foundation in Sarajevo.

    Nermina Kuloglija-Zolj

    This post is also available in: Bosnian