This report outlines cyber incidents and response of national Computer Emergency Response Teams (CERTs) in Western Balkan economies in Spring 2020, during the first months of COVID-19. Through surveys and feedback gained from national Western Balkan CERT teams, this report analyses specific challenges faced and provides insights on how transnational and private sector cooperation could further improve cyber incident response in the region.

In a COVID-19 world, where many services have moved online at accelerated speed, there are exponentially more cyber threats to not only individuals and businesses, but also healthcare facilities, educational institutions, critical infrastructure and state organs. This report outlines how in the Western Balkan region, the largest vector of cyber threats during the early months of COVID-19 came from traditional phishing campaigns targeting and exploiting public health and safety concerns during the pandemic. 

Following survey conducted with Western Balkan national CERTs, the report categorizes activities and joint efforts of the CERTs during the outbreak of COVID-19 into two main categories:
1. Public awareness raising efforts and public security warnings; 
2. Extended trainings and educational activities. 

The report concludes by emphasizing the need and interest for more regional and international cybersecurity co-operation in the Western Balkan region, which was confirmed by several national CERTs during a regional meeting held in preparation for the drafting of this report.