Cyberattacks in the Balkans: experts warn of risk to institutions
New reports highlight attacks in Albania and North Macedonia and growing risk for Kosovo.
Prishtina, April 21, 2026 — A fresh Balkan Insight report published on April 20 warns that data-privacy threats and cyberattacks across the Balkans and Turkey have intensified over the past year, with Kosovo still among the countries with limited defensive capacity.
The report cites the March 2026 incidents in Albania, where the Iran-linked group “Homeland Justice” claimed responsibility for attacks on parliament and the Albanian Post, leaking data and correspondence on Telegram. The gov.mk government domain in North Macedonia was compromised by the Russian-linked “Fancy Bear” group tied to military intelligence.
Kosovo on the front line
According to analyses cited by Balkan Insight and Digital Watch, Kosovo has faced phishing, malware, data theft and DDoS campaigns. Earlier waves hit telecommunications infrastructure and the media regulator.
“Balkan states must move from reaction to prevention because critical infrastructure increasingly relies on digital identities and biometrics,” says the Balkan Insight report dated April 20.
For Kosovo, where the National Cybersecurity Strategy has been in implementation since 2023, experts call for higher budgets for the Cybersecurity Agency and continuous training in core institutions. The most exposed sectors remain energy, banking and identity services.
Meanwhile, BlackFog’s “State of Ransomware 2026” report identifies a near doubling of ransom attacks against European local governments compared with a year earlier, showing that municipal entities, not just central ones, are increasingly in the crosshairs.
Source: Balkan Insight, Digital Watch, BlackFog.