At the end of 2022 it was announced on the Bezbedan Balkan forum that credentials for e-mail accounts linked to a number of Serbian state institutions and public companies were being sold on hacker black markets. The accounts contained information about contracts, redundancy notices, bank statements, public procurement, union meetings, etc., and the ads for the sale of the accounts included screenshots of open email inboxes as evidence for potential buyers.
However, the legal entities whose infrastructure was marked as compromised, and which are ICT systems of special significance, were not ready to admit cyber security incidents: almost all of them are of the opinion that these findings do not correspond to the truth.
Only the network operator Elektroprivreda Srbije confirmed the incident, which involved a compromised corporate e-mail account. After a warning from the state CERT (the regulatory body for electronic communications and postal services), it took certain security measures.
Still, the national CERT does not have the authority to supervise the implementation of such measures. According to the Law on Information Security, inspection supervision is the responsibility of the Ministry of Information and Telecommunications, where only one inspector is currently operating.
More about this in the research "'For the Right Price': Email Credentials from Serbian State Bodies Sold Online", by Igor Išpanović.
Source: Balkan Insight
Similar reports by security researchers are being published on the Bezbedan Balkan forum. See "Security of government resources (details and discussions)".