SHARE
Press Release:
BCSP Targeted by State-Sponsored Cyber Attack
The Belgrade Centre for Security Policy (BCSP) recently received an official notification from the Microsoft Threat Intelligence Center regarding a cybersecurity incident affecting our systems.
According to them, certain BCSP accounts were compromised in activity assessed to be conducted by Forest Blizzard, a Russian state-sponsored threat actor also known as APT 28, Fancy Bear, and Strontium. Forest Blizzard uses a wide range of initial-access techniques including exploiting vulnerable web-facing applications, spear-phishing, automated password-spray and brute-force attacks conducted via TOR and is under direct control of GRU Military Unit 26165.
Furthermore, in the previous period BCSP faced digital incidents related to the Belgrade Security Conference. In October 2025, several external partners received messages from unknown foreign numbers impersonating BSCP staff and informing them that they are about to receive materials related to the Conference from another team member. Shortly afterward, they received emails from an account which was compromised through a phishing campaign and subsequently misused targeted phishing attempts against external partners.
After this incident, we have taken all key security recommended measures by Microsoft. Additionally, a website impersonating the Belgrade Security Conference was created to mislead participants and collect credentials, prompting BCSP to initiate takedown procedures. Moreover, our official Belgrade Security Conference website recorded over 10,000 attack attempts, further confirming sustained and coordinated pressure on our digital infrastructure. During the same period, an attempted intrusion targeting our servers via malware and simultaneous attack on the devices of two of our staff members was detected and reported.
The Belgrade Centre for Security Policy believes that, taken together, these incidents reflect a broader pattern of pressure on civil society actors, contributing to the shrinking space for independent, critical, and public-interest work.
After the indications of deliberate targeting by sophisticated actors, BCSP implemented all recommended mitigation measures and further strengthened its cybersecurity protocols. We are sharing this information to ensure full transparency and to uphold the highest security standards in our collaboration and we will continue to provide updates as the situation evolves.
Belgrade
28. November 2025
RELATED
Date: 18.12.2025.
Author: Belgrade Centre for Security Policy
The Civil Committee for the Protection of Human Rights Defenders and Whistleblowers strongly condemns the threats directed at journalist Vuk Cvijić, which occurred on December 17 and were allegedly triggered by an article he wrote for the weekly Radar.
Date: 17.11.2025.
Author: Belgrade Centre for Security Policy
Belgrade Centre for Security Policy awards the 2025 "Lighthouse" Award to Irena Joveva, member of the European Parliament from the Republic of Slovenia.
Date: 10.11.2025.
Author: Belgrade Centre for Security Policy
The Integrity Network strongly condemns the appointment of Igor Žmirić as commander of the Special Anti-Terrorist Unit (SAJ), warning that this move turns one of Serbia’s elite police formations into the President’s personal guard, rather than a service for all citizens.
