Centre for Civic Education (CCE), in the context of the latest events related to cyber-attacks on the digital infrastructure of Montenegrin institutions, calls on decision-makers to promptly start work on the systemic development of cyber capacities. This would also affect the reduction of negative consequences of the existing situation in relation to the functioning of the public administration, as well as citizens, who are for days deprived of numerous information and exercise of their rights, as well as prevention or a better response to similar future situations.
CCE reminds that the government’s IT infrastructure has been exposed to continuous cyber-attacks for weeks, which has led to the temporary suspension of certain services, and the impossibility of normal functioning and interaction of citizens with state administration bodies. For example, these days, natural and legal entities cannot even access the e-Government portal, and they are deprived of access to one of more than 500 services offered on this portal. It should be emphasized that cyber-attacks are not a novelty for Montenegro and that the country was the target of similar ones, although less ‘serious’ attacks in 2016 and 2017, but this was not a lesson for the decision-makers, so investments in building cyber security remained on minimum.
In its Report for 2021, the European Commission stated that Montenegro’s capacity in the field of cybercrime is progressively growing, but that it is still not strong enough to face global threats in this area. These problems are also noted in the Cyber Security Strategy from 2022 to 2026, where it is stated that Montenegro does not have adequate mechanisms for detecting cyber threats, as well as mechanisms for a sufficiently quick response, i.e. recovery from cyber-attacks. An additional problem is a fact that Montenegro is faced with limited human, technical and financial resources in this area. The problem of lack of experts is highly pronounced, as illustrated by the data that “only 1% of employed public servants have undergone training on the subject of cyber security“, as noted in the Strategy.
Current developments remind us of the fact that this issue was not in the focus of decision-makers. Therefore, the CCE welcomes the announcement of the Minister of Public Administration, Maraš Dukaj, on the formation of a specialized Agency for Cyber Security, as well as urgent investments in this area, and the preparation of the new Proposal for the Law on Information Security. At the same time, we express the hope that this will not remain a promise, and that the Ministry is already taking action to implement it.
This situation and increased fear of the leak of personal data can lead to a loss of citizens’ trust in the electronic services of the public administration, which is otherwise low. This would mean that even the small number of citizens who switched to e-services, especially during the COVID19 pandemic, will return to the old way of functioning, which will also burden the state administration. Instead of moving forward as a society and acknowledging the benefits of digitization and e-services, especially in the form of saving time and money, reducing corruption, increasing efficiency and improving the quality of life, the citizens of Montenegro, due to irresponsibility and systemic inaction in the field of digitization and cyber security, deny basic rights and prevent the regular performance of activities.
The CCE will continue to urge decision-makers to invest more efforts in the reform and digitization of public administration, among other things, through the project “E-education to PARTicipation“, supported by the Ministry of Public Administration. On the other hand, we expect the competent authorities to urgently take measures to eliminate the damage caused by cyber-attacks and to work on the prevention of similar ones and thus prevent the further erosion of citizens’ trust in state institutions and enable them to function normally and exercise their rights.
Milica ZINDOVIĆ, Programme Associate