SHARE
Press Release:
BCSP Targeted by State-Sponsored Cyber Attack
The Belgrade Centre for Security Policy (BCSP) recently received an official notification from the Microsoft Threat Intelligence Center regarding a cybersecurity incident affecting our systems.
According to them, certain BCSP accounts were compromised in activity assessed to be conducted by Forest Blizzard, a Russian state-sponsored threat actor also known as APT 28, Fancy Bear, and Strontium. Forest Blizzard uses a wide range of initial-access techniques including exploiting vulnerable web-facing applications, spear-phishing, automated password-spray and brute-force attacks conducted via TOR and is under direct control of GRU Military Unit 26165.
Furthermore, in the previous period BCSP faced digital incidents related to the Belgrade Security Conference. In October 2025, several external partners received messages from unknown foreign numbers impersonating BSCP staff and informing them that they are about to receive materials related to the Conference from another team member. Shortly afterward, they received emails from an account which was compromised through a phishing campaign and subsequently misused targeted phishing attempts against external partners.
After this incident, we have taken all key security recommended measures by Microsoft. Additionally, a website impersonating the Belgrade Security Conference was created to mislead participants and collect credentials, prompting BCSP to initiate takedown procedures. Moreover, our official Belgrade Security Conference website recorded over 10,000 attack attempts, further confirming sustained and coordinated pressure on our digital infrastructure. During the same period, an attempted intrusion targeting our servers via malware and simultaneous attack on the devices of two of our staff members was detected and reported.
The Belgrade Centre for Security Policy believes that, taken together, these incidents reflect a broader pattern of pressure on civil society actors, contributing to the shrinking space for independent, critical, and public-interest work.
After the indications of deliberate targeting by sophisticated actors, BCSP implemented all recommended mitigation measures and further strengthened its cybersecurity protocols. We are sharing this information to ensure full transparency and to uphold the highest security standards in our collaboration and we will continue to provide updates as the situation evolves.
Belgrade
28. November 2025
RELATED
Date: 17.11.2025.
Author: Belgrade Centre for Security Policy
Belgrade Centre for Security Policy awards the 2025 "Lighthouse" Award to Irena Joveva, member of the European Parliament from the Republic of Slovenia.
Date: 04.11.2025.
Author: Belgrade Centre for Security Policy
At the panel discussion “Freedoms Under Pressure: Civil Society and Digital Oversight in Serbia and Abroad”, organised by the Belgrade Centre for Security Policy (BCSP) on 31 October in Belgrade, speakers warned that digital surveillance and spyware use are rapidly becoming tools of political control in Serbia and across Europe, posing severe risks to human rights and democracy.
Date: 30.11.2024.
Author: Belgrade Centre for Security Policy
This November, the Belgrade Centre for Security Policy (BCSP) hosted the third annual Belgrade Security Conference, an event that has grown into a cornerstone for discussing pressing global and regional issues. This year’s conference saw record participation, with over 600 attendees, 80 distinguished panelists, and representation from more than 40 regional and European media outlets.
