Skip to main content
search

Are Cybercrime Laws in North Macedonia Effective? A Review of Legal Frameworks and Enforcement Challenges

Written by: Natalija Ognenova Popovski, University “St. Kliment Ohridski” – Bitola.

Abstract

As digital technologies continue to evolve and shape our everyday lives, countries like North Macedonia are struggling to adapt and face growing challenges in keeping up with the rising threat of cybercrime. The increasing dependence on digital platforms, online services, and electronic communication has made people and organizations more vulnerable to various forms of cybercrime. This paper examines how North Macedonia addresses cybercrime through its legal system and legislation, focusing on how different types of digital crime are defined, regulated, and prosecuted—and, most importantly, what is the way forward with this type of evolving crime.

This paper also offers a comparative perspective by comparing how developed European countries with stronger legislative frameworks and effective rule of law and better education possibilities, approach similar challenges. This comparison aims to highlight the successful strategies, shared obstacles, and areas where North Macedonia’s current legal and enforcement mechanisms may benefit from reform or adaptation. Particular attention is given to issues such as enforcement limitations, the role of the other institutions in combating this type of crime, collaboration and coordination, the impact that academic research has, the application of the rule of law, and the availability of technical resources and expertise we have in North Macedonia.

Additionally, the paper looks at the broader context in which cybercrime occurs, including digital literacy, public awareness, and regional or international cooperation which is the most important part in combating global crime such as cybercrime. By outlining the current situation and identifying the key challenges faced by many countries—especially those in transition like North Macedonia—this paper aims to contribute to ongoing discussions around cybersecurity, legal reform, and digital resilience in the region. It also offers recommendations for preventing cybercrime and suggests possible directions for future research and policy development to support a safer and more secure digital environment.

1. Introduction

In a world where globalization connects and shapes everything and everyone, digital technologies have become deeply embedded in our daily lives helping us connect with people all over the world across borders while also introducing a whole new set of their own complex challenges. Digital technologies shape how we interact and communicate with others, the education process which we are involved in, and they also shape our work – now more than ever.

Given the significant role digital technologies play in our lives, an important question arises: how can we prevent their misuse? From financial threats and attacks to sophisticated cyberattacks on critical infrastructure, cybercrime has become one of the most pressing and one of the most dangerous global threats of the 21st century which combined with other crime can have the most lethal consequences.

So far, in battling every crime there is, the most important tool has always been, the law. The law itself and the rule of law is the first thing we need to have to punish and with that effectively prevent cybercrime. Nations across the world are racing to adapt their legal systems and enforcement mechanisms to confront this evolving landscape of criminal activity. For countries like North Macedonia—still undergoing economic and institutional transitions—this challenge is particularly acute.

North Macedonia, a small and still developing country in the Western Balkans and a candidate for European Union membership, has experienced a noticeable increase in digital technology-related crime in recent years. As online services become more used globally, so too does the exposure to cyber threats. Yet, despite the growing urgency and the threat this kind of crime presents, the development of legal and institutional frameworks in North Macedonia to prevent, detect, and prosecute cybercrime remains uneven and still is not developing to the pace it should. The country has taken steps to modernize its legal system, including adopting some international conventions and beginning to align with EU standards, but enforcement often lags behind legislation. Moreover, limited technical capacity, fragmented institutional coordination, and a lack of educational institutions and programs related to cybercrime and lack of specialized training in law enforcement further complicate the issue.

This paper will show how North Macedonia currently addresses cybercrime through its legal and institutional structures focusing also on how cybercrime is defined, punished and prosecuted but also comparing it to other countries more advanced with lower cybercrime who showcase a strong legislative in the cybercrime fight. The other important thing is highlighting the major challenges faced in enforcement and prevention.

A comparative analysis with more developed European countries—those with stronger legal frameworks and more experience in tackling cybercrime, will provide valuable insight into how North Macedonia might improve its approach. Key issues such as the effectiveness of existing laws, the capacity of relevant institutions, the availability of technical resources, and the role of international cooperation will be explored.

By offering both a national and comparative perspective, this paper aims to contribute to a better understanding of the current state of cybercrime law in North Macedonia and identify gaps and opportunities for reform and suggest future directions that could strengthen North Macedonia’s legal and institutional resilience in the digital age but also other countries that are trying to battle this kind of crime, effective solutions.

This paper is based on desk research and draws from legal texts, policy documents, international conventions, scholarly literature, and publicly available data on cybercrime trends in North Macedonia and selected European countries. Through critical analysis of these sources, the paper aims to interpret legal developments, identify enforcement challenges, and highlight patterns that inform a broader understanding of how cybercrime is addressed within different national contexts.

2. Understanding Cybercrime

2.1 Definition and common forms

The digital transformation our world went through the past few years reshaped how individuals and organizations work and brought new possibilities for a somewhat new evolved type of crime – cybercrime. Our daily dependence on digital tools grows every day and with that frequency of crimes committed through or against these technologies. Our involvement in digital technologies now with AI is even more concerning. We leave our personal information out on the internet, share everything about our personal lives and with that criminals learn more about crime itself and about their possible targets. That is the other perspective out there, the digital space can also be used as a crime itself attacking and stealing information, stealing money from your bank but also learning about people and committing crime in the physical world. Cybercrime has evolved into a very complex, global threat that does not know physical and legal borders, which makes it a significant risk to all of us, to our national security, economic stability, and personal privacy.

What is cybercrime? How can we define cybercrime with all its forms? Cybercrime is widely understood as all illegal activities that can involve or target computer systems, networks, or digital devices. So that means that every crime that is committed by using computer or computer network, or a digital device is a cybercrime. According to the United Nations Office on Drugs and Crime (UNODC), cybercrime includes both offenses committed with information and communication technology (ICTs) and crimes directed at computer systems themselves. The organization classifies these offenses into two main categories: cyber-dependent crimes and cyber-enabled crimes (UNODC 2013).[1]

Even though there are attempts to establish a unified definition, the concept of cybercrime remains legally and conceptually contested which makes it even harder for governments and complicating efforts to create harmonized legal responses.

Cyber-Dependent Crimes

These are offenses that can only be committed using digital technologies. They include:

  • Hacking: Unauthorized access to or manipulation of computer systems or networks.
  • Distributed Denial-of-Service (DDoS) attacks: Overwhelming a system with traffic so it is inoperable, or it no longer works.
  • Malware dissemination: Spreading malicious software to damage or compromise systems.

Such crimes typically target infrastructure and are highly technical in nature, requiring advanced knowledge and tools.

Cyber-Enabled Crimes

These are traditional crimes that have been adapted and enhanced using the internet and digital technologies. Common examples include:

  • Online fraud: Scams involving fake identities, phishing, or digital payment fraud.
  • Cyberbullying and harassment: The use of online platforms to threaten, shame, or harm individuals.
  • Identity theft: Stealing personal information to impersonate someone for financial or criminal purposes.

The anonymity offered by the internet has made these crimes more widespread and difficult to detect.

2.2 Emerging Trends

Cybercrime has evolved into a sophisticated and rapidly expanding threat, with global damages projected to reach $9.5 trillion USD in 2024, positioning it as the world’s third-largest economy if measured by GDP.[2]

Key Global Trends:

  • Artificial Intelligence (AI) in Cybercrime: AI has even more so helped cybercriminal activities, enabling the creation of realistic deepfakes, voice cloning, and automated phishing attacks but also helping criminals learn more about how to do these attacks.
  • Ransomware Proliferation and Online Scams: Ransomware attacks have surged, and scamming people has become even easier now with the help of AI.
  • Cybercrime-as-a-Service (CaaS): Services like ransomware-as-a-service and phishing kits are now available which can help even non-technical individuals to launch cyberattacks steal information or money.
  • Disinformation and Hacktivism: The spread of fake news and propaganda driven by different motives, spreading also conspiracy theories and making people afraid.

3. Cybercrime in North Macedonia

3.1 Legal framework and EU alignment

In North Macedonia, cybercrime is officially referred to as “computer crime” and is regulated under the Criminal Code (Кривичен законик). The legal framework recognizes several specific offenses as computer crimes, aligned with the country’s efforts to harmonize its legislation with European Union standards. The key provisions are found in Articles 251-a to 251-e of the Criminal Code, available through the official Ministry of Justice portal (pravda.gov.mk).[3]

The relevant provisions are primarily concentrated in Articles 251-a through 251-e, with supplementary offenses dispersed across other parts of the code. These articles, available through the Ministry of Justice portal (pravda.gov.mk), provide the statutory basis for prosecuting a range of cyber offenses, from system intrusion to online fraud and digital forgery.

Primary Cybercrime Offenses (Articles 251–251-e)

  • Article 251: Damage and Unauthorized Access to a Computer System. This article addresses unauthorized access to computer systems and the damage or interference with computer data.
  • Article 251-a: Production and Distribution of Computer Viruses. Criminalizes the creation and dissemination of malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.
  • Article 251-b: Computer Fraud. Pertains to fraudulent activities conducted through computer systems, including unauthorized data manipulation for personal gain.
  • Article 251-v: Exceeding Authorization While Using a Computer System. Focuses on individuals who, while having authorized access, exceed their permissions to access or manipulate data unlawfully.
  • Article 251-g: Hindering the Functioning of a Computer System. Addresses actions that intentionally disrupt or impede the normal operation of computer systems.
  • Article 251-d: Computer Forgery and Misuse of Electronic Signatures. Covers the falsification of electronic documents and the unauthorized use of electronic signatures.
  • Article 251-e: Computer Fraud. Deals with deceptive practices using computer systems to unlawfully obtain property or services.

Related Offenses Involving Computer Systems

  • Article 149: Misuse of Personal Data. Criminalizes unauthorized collection, processing, or use of personal data, especially when facilitated through computer systems.
  • Article 193: Displaying Pornographic Material to a Child. Addresses the act of showing pornographic content to minors, including through digital means.
  • Article 193-a: Production and Distribution of Child Pornography. Pertains to creating or disseminating child pornography, often involving digital platforms.
  • Article 193-b: Enticement to Intercourse or Other Sexual Acts on a Minor Under 14 Years. Covers online grooming and solicitation of minors for sexual activities.
  • Article 274-b: Issuing a Bad Check and Abuse of a Credit Card. Includes offenses related to electronic payment fraud and misuse of digital financial instruments.
  • Article 379-a: Computer Forgery. Focuses on the creation or alteration of digital documents with the intent to deceive.
  • Article 394-d: Dissemination of Racist and Xenophobic Material Through Computer Systems. Addresses the spread of hate speech and discriminatory content via digital platforms.

Note: While the Criminal Code encompasses a broad range of computer-related offenses, not all are frequently prosecuted or appear in statistical reports. For instance, certain articles may have limited or no recorded cases in specific years, leading to their absence in official crime statistics.

North Macedonia is a signatory to the Budapest Convention on Cybercrime, which serves as the main international treaty on the subject. Its domestic legislation largely reflects the structure and terminology of this convention, showing a clear intent to align with EU directives on cybercrime and digital evidence. The strategy is further outlined in policy documents from the Ministry of Interior and national cybersecurity initiatives, such as the draft National Cybercrime Strategy (2024), referenced in sources like rolaw.mk and the Global Initiative against Transnational Organized Crime report on Southeastern Europe.[4]

While the legal text itself provides the structure, enforcement and application remain under development, as shown by expert commentary from the national CIRT and the growing number of reported incidents in government and public infrastructure sectors.

Legal breadth vs. practical application

While North Macedonia’s legal text provides a reasonably comprehensive structure for criminalizing cyber-related activity, application in practice remains uneven. Not all offenses are regularly prosecuted or appear in statistical reporting, often due to inconsistent enforcement, resource constraints, or data aggregation issues. For instance, some articles may have zero recorded cases in particular years not because the offenses did not occur, but because they were not coded, reported, or prosecuted as such.[5]

This disconnect between statutory potential and enforcement practice has been repeatedly identified in cybersecurity assessments by both domestic institutions and international observers. Experts from the national Computer Incident Response Team (MKD-CIRT) have emphasized the need for better operational clarity and inter-agency coordination to improve enforcement outcomes and streamline data collection.

International Commitments and Policy Alignment

North Macedonia is a signatory to the Budapest Convention on Cybercrime, the most widely adopted international treaty on digital crime, signaling its commitment to harmonizing with EU standards on electronic evidence, transnational cooperation, and procedural safeguards (Council of Europe 2001).

Domestically, the country has begun to align its laws with European directives, but implementation gaps remain. Notably, a draft National Cybercrime Strategy (2024) has been proposed, outlining priorities such as cross-border information sharing, national coordination, and capacity building. However, this strategy has yet to be fully adopted or enforced, raising questions about political will and institutional readiness.[6]

3.2 Prosecution, statistics, and enforcement challenges

Table 1: Trend of Accused Persons for Computer-Related Crimes in North Macedonia (2017–2023)[7]

Year Computer Fraud Unauthorized Access/Damage Computer Forgery
2017 1 18 1
2018 0 9 0
2019 0 7 0
2020 0 11 0
2021 0 22 0
2022 0 30 0
2023 2 18 0

Computer Fraud north macedonia

Table 2: Overview of prosecution for Computer-Related Crimes in North-Macedonia

Year Accused Convicted
2017 18 17
2018 9 9
2019 7 7
2020 11 11
2021 22 22
2022 30 30
2023 18 18

Source: Table 1 and 2 are sourced from the MakStat Database of the State Statistical Office of North Macedonia, while the visualization was created by the author.

Despite detailed legal categorization, many cybercrime provisions are underrepresented in official crime statistics.[8] This is not due to a lack of legislation, but rather to the institutional practice of aggregating offenses under broader categories. For instance, Article 251-a (unauthorized access) and 251-b (data interference) are often merged under a general “computer misuse” label, while others, like Article 251-v (exceeding authorization) are rarely isolated in reporting.

This tendency reflects a broader problem in implementation: although multiple offenses exist in law, only a few are actively prosecuted, and even fewer are disaggregated in public reporting. As a result, legal complexity is flattened in practice, obscuring the real distribution of cyber offenses and limiting accountability.

The most frequently prosecuted cybercrime in North Macedonia is unauthorized access/damage. In 2022 alone, 30 people were both accused and convicted for this category, with nearly identical figures in prior years. In contrast, cyber fraud and forgery appear in the data only sporadically, often with one or two individuals prosecuted, or not at all.

This suggests a highly selective prosecutorial strategy. Prosecutors appear to prioritize cases where digital evidence is clear, traceable, and easily demonstrable in courts such as unauthorized login attempts, IP tracebacks, or manipulation of digital systems. These are crimes with forensic “clarity,” and as such, they are more likely to end in conviction.

Less straightforward cases, those involving fraud through phishing, social engineering, or cross-border financial schemes – are rarely brought forward. These cases often involve complex evidence chains, multiple jurisdictions, and victim ambiguity. Rather than pursue these more difficult offenses, institutions may sideline them, focusing limited resources on high-certainty cases that guarantee procedural success.

The conviction rate for cybercrime in North Macedonia is remarkably high. Between 2017 and 2023, nearly every person accused of a cybercrime was also convicted. On the surface, this may appear to reflect an efficient judicial system—but deeper analysis complicates this interpretation.

This consistency may stem not from institutional strength, but from prosecutorial filtering. Only the most clear-cut cases appear to proceed to trial, effectively eliminating the possibility of acquittal or dropped charges. While this ensures efficient processing, it also reveals a system that avoids legal ambiguity rather than addressing it.

In other words, the high conviction rate is less an indicator of comprehensive cyber enforcement and more a reflection of how narrow the prosecutorial window has become. Crimes that are hard to prove, complex in structure, or lacking strong digital evidence may never reach the judicial stage. This is concerning, particularly for evolving threats like identity theft, deepfakes, ransomware, or AI-assisted fraud, many of which require proactive investigative capacity and doctrinal innovation. The current system is reactive, not adaptive.

For instance, the law provides for prosecution of computer forgery (Article 251-d) and fraud (Article 251-e), yet both are virtually absent from court outcomes. This suggests a need for institutional re-training, inter-agency coordination, and stronger digital investigative units capable of handling evidence chains that are less linear than “unauthorized login = crime.”

In addition, the lack of specialized cyber prosecutors or dedicated digital evidence courts further slows the evolution of a mature legal doctrine. Most cybercrime cases are handled under the general criminal framework, without differentiation between technical crimes and conventional offenses. This undermines both the specialization and deterrence needed for a credible cybercrime policy.

North Macedonia’s legal framework for cybercrime exists, but enforcement remains limited to a narrow band of offenses that are easy to prosecute. This creates a skewed picture: while prosecution appears effective, it is not comprehensive. The current model favors certainty over coverage.

To improve, the country must move beyond reactive enforcement of only obvious digital intrusions. It needs to build a prosecution model that incorporates complex fraud, platform-based offenses, and transnational cyber schemes. This will require institutional investment in cyber-forensics, prosecutor training, and clearer classification practices at the reporting level.

Without such reforms, the country risks allowing more sophisticated cyber threats to evolve unchecked, outside the reach of courts, beyond the scope of enforcement, and invisible in national statistics.

3.3 Education, training, and institutional capacity

Cybercrime in North Macedonia is not merely a technological threat; it reflects systemic deficits in public awareness, institutional preparedness, and digital literacy. Small and medium-sized enterprises (SMEs) remain particularly vulnerable, primarily due to insufficient investment in cybersecurity infrastructure and staff training. As Professor Jugoslav Achkoski has noted, public understanding of cyber risk remains dangerously low, and there is no dedicated cybersecurity agency with national authority, unlike in more digitally mature European states.[9]

A major contributor to the problem is the widespread use of weak credentials. Achkoski points out that even basic eight-character passwords can now be easily breached with modern AI-powered brute-force tools, while other countries have already transitioned to biometric and multi-factor authentication as a baseline standard.

The Ministry of Interior reported that individual reports of cybercrime more than doubled between 2022 and 2023. However, reports from private companies dropped significantly. This disparity is likely due not to a decrease in attacks, but to chronic underreporting—possibly caused by reputational concerns, a lack of awareness, or the absence of clear reporting channels.

Digital habits and demographic vulnerabilities

Survey data from North Macedonia’s national Computer Incident Response Team (MKD-CIRT) indicates that approximately 72.5% of internet users employ some form of cybersecurity protection, most commonly antivirus software. However, these users tend to fall within the 35–55 age range and possess higher education levels, suggesting significant demographic gaps in digital hygiene.

One of the most rapidly growing threats in the country is phishing, often executed through SMS or email impersonation. Victims are typically lured into clicking malicious links under the pretense of a missed package delivery or blocked bank account. According to MKD-CIRT director Sevdali Selmani, these attacks have resulted in severe financial losses, particularly for elderly citizens, many of whom have lost their entire pensions after disclosing personal banking information. Selmani has described the situation as “alarming,” citing tens of thousands of infected devices currently in operation within the country.[10]

This lack of basic cyber awareness is not unique to North Macedonia but reflects a broader regional trend across the Western Balkans, where public cybersecurity education is underdeveloped, and media literacy programs are either absent or disconnected from national strategy.

State-level attacks and institutional exposure

Beyond individual-level vulnerabilities, national institutions have come under direct cyberattack in recent years. In 2022 and early 2023, ransomware campaigns disrupted operations at the Ministry of Agriculture, Ministry of Education, and the Health Insurance Fund. These incidents exposed longstanding weaknesses in state infrastructure, including reliance on outdated software, lack of encryption protocols, and inadequate incident response mechanisms.

The problem of phishing is not limited to individual citizens. Government email systems were also compromised, with attackers sending impersonation emails to civil servants and members of the public. In one notable case, the government’s main website (vlada.mk) was hijacked and transformed into an e-commerce site selling shoes and accessories. This incident likely stemmed from an insider breach or failure to follow basic administrative controls.

The misuse of state platforms extends beyond embarrassment. In one incident, cryptocurrency mining software was found running on the Public Procurement Bureau’s official website, strongly suggesting insider involvement and a lack of institutional monitoring.

Emerging threats: DDoS, political targeting, and spyware

North Macedonia has also been a target of distributed denial-of-service (DDoS) attacks, particularly during periods of heightened political tension. These attacks are often used to overload public websites, delay communication, or distract from parallel intrusions. Though these events are sometimes dismissed as nuisances, they can be highly disruptive when coordinated against multiple services simultaneously.

A particularly troubling case occurred in 2020, when the electoral commission suffered a cyberattack during national elections. Investigations later revealed that corruption in procurement and low cybersecurity standards had created significant exposure points. This incident illustrated how systemic weaknesses—such as politicized hiring practices and vendor favoritism—can undermine even core democratic functions.

One of the most controversial developments occurred when a young North Macedonian entrepreneur was linked to the production of Predator spyware, a commercial surveillance tool found on the phones of journalists and political dissidents. His company, Cytrox, was sanctioned by the U.S. government for its role in the development and export of this technology. The incident not only raised ethical concerns but also placed North Macedonia under international scrutiny regarding its role in the global surveillance economy.[11]

Systemic gaps

Taken together, these developments highlight not only technological gaps but institutional and societal shortcomings. While individual citizens lack awareness and education, public institutions struggle with outdated systems, insufficient oversight, and fragmented leadership on cybersecurity policy.

North Macedonia’s current approach to cybersecurity remains reactive rather than strategic. It lacks a centralized, empowered authority to coordinate prevention, detection, and education efforts across sectors. Without broad-based digital literacy programs, mandatory reporting requirements, or legal mandates for infrastructure upgrades, the country remains highly exposed to both targeted and indiscriminate cyberattacks.

What is urgently needed is a shift in mindset from cybersecurity as a technical issue, to cybersecurity as a national governance priority. Only with stronger institutions, sustained investment, and cross-sector coordination can North Macedonia build the resilience needed to confront the evolving digital threat landscape.

4. Comparative Case Study: Czech Republic vs. North Macedonia

While North Macedonia has established essential components—such as the MKD-CIRT and partial legal alignment with European cybersecurity frameworks—significant challenges persist. These include low levels of public cyber awareness, insufficient integration of cybersecurity into critical infrastructure planning, and the absence of a fully implemented national strategy. In comparative terms, North Macedonia performs similarly to its Western Balkan neighbors but remains well behind EU member states in institutional sophistication, legal clarity, and civic preparedness.

The Czech Republic represents a useful comparator, ranking 1st globally on the NCSI with a score of 98.44. The legal and institutional differences between the two countries are stark and instructive.

The Czech Republic adopted a comprehensive Cybersecurity Act (Act No. 181/2014 Coll.) in 2014. This law clearly defines key cybersecurity concepts, assigns institutional responsibilities, and mandates risk assessments and incident reporting from critical infrastructure entities. It forms the backbone of a proactive national strategy.[12]

By contrast, North Macedonia continues to regulate cybercrime primarily through provisions in its Criminal Code (Articles 251-a to 251-e). These provisions criminalize unauthorized access, system interference, and digital fraud, but they are focused more on punishment than prevention. There is no standalone cybersecurity law that articulates national or sector-specific responsibilities.

Institutional differences are equally important. The Czech Republic’s National Cyber and Information Security Agency (NÚKIB) has full regulatory authority and operates independently. It coordinates national strategy, conducts compliance monitoring, and can issue binding directives.

In North Macedonia, MKD-CIRT operates under the Agency for Electronic Communications. While technically competent, it lacks legal authority and policy-making power. Its role is reactive rather than strategic, limiting its influence on broader state preparedness.

The Czech model integrates cybersecurity across the education system and public policy. Awareness campaigns are coordinated nationally, and cybersecurity is embedded in school curricula. In contrast, North Macedonia relies on sporadic awareness efforts from MKD-CIRT, with no legislative backing or budget allocation for continuous public engagement.[13]

Table 3. Key comparisons between the Czech Republic and North Macedonia

Category Czech Republic North Macedonia
Cybersecurity Rank (NCSI) 1st (98.44) 59th (58.44)
Dedicated Cybersecurity Law Yes – Act No. 181/2014 Coll. on Cybersecurity No – Cybercrime covered within Criminal Code only
National Cybersecurity Strategy Updated regularly (latest: 2021–2025) Draft strategy presented in 2024
Central Cyber Authority NÚKIB (National Cyber and Information Security Agency) MKD-CIRT (under Agency for Electronic Communications)
Obligations for Critical Infrastructure Mandatory incident reporting and audits Not fully regulated or enforced
Public Awareness Programs Extensive campaigns and school integration Limited awareness, mostly handled via MKD-CIRT initiatives
Cybercrime Legal Framework Comprehensive – separate from general criminal law Articles 251-a to 251-e in the Criminal Code
International Cooperation Active in EU cybersecurity networks and ENISA Member of Budapest Convention, limited EU integration

Four key differences stand out:

  • Legal Specificity: The Czech model provides a detailed legal framework for cybersecurity; North Macedonia’s framework remains limited to criminal sanctions.
  • Institutional Authority: NÚKIB holds binding enforcement power; MKD-CIRT does not.
  • Proactive Governance: Czech law mandates audits and incident reporting; North Macedonia lacks enforceable obligations.
  • Public Integration: The Czech Republic embeds cybersecurity into public education; North Macedonia does not.

These contrasts highlight the structural weaknesses in North Macedonia’s approach, particularly the lack of a centralized legal and institutional framework capable of sustaining long-term resilience.

5. Conclusion

Cybercrime in North Macedonia has evolved from a peripheral concern into a systemic threat affecting public institutions, businesses, and citizens alike. While the legal foundations for addressing cybercrime—namely Articles 251-a through 251-e of the Criminal Code—do exist, they are insufficient for the scale and complexity of contemporary digital threats. These provisions criminalize key activities such as unauthorized access and data interference but do not form part of an integrated or preventive cybersecurity regime. The result is a legal framework that reacts to incidents but lacks the tools to anticipate, deter, and systematically manage them.

Comparative insights reveal the structural limitations of North Macedonia’s approach. In contrast to countries like the Czech Republic, which has enacted a dedicated cybersecurity law and empowered a central authority with regulatory and coordination powers, North Macedonia remains governed by fragmented responsibilities and outdated legislation. Efforts by institutions such as MKD-CIRT are technically competent but constrained by their lack of statutory authority and limited reach beyond the IT sector.

The persistence of low public awareness further weakens the national response. Despite rising rates of phishing, ransomware, and infrastructure attacks, large segments of the population—and particularly vulnerable groups—continue to lack even basic cybersecurity knowledge. Small and medium-sized enterprises also face capacity gaps in prevention, response, and reporting. These trends indicate that technical institutions alone cannot shoulder the burden of national cyber defense. What is needed is a societal shift in how cybersecurity is understood, prioritized, and integrated into governance.

Moving forward, North Macedonia must replace its reactive posture with a forward-looking strategy anchored in law, education, and institutional reform. A dedicated cybersecurity law should be passed to define national responsibilities, empower enforcement agencies, and mandate protective practices across public and private sectors. Institutions like MKD-CIRT must be equipped with legal mandates, operational independence, and sufficient funding to play a leading role. Public education must no longer be left to occasional campaigns but embedded in school curricula, professional training, and civic engagement programs.

Furthermore, cybersecurity readiness must include preparation for emerging technologies—particularly artificial intelligence—which introduce both new vulnerabilities and new tools for defense. Investment in AI governance, forensic capabilities, and cross-border cooperation will be critical to maintaining relevance and resilience in a global threat environment.

Ultimately, cybersecurity cannot remain a secondary issue in North Macedonia’s digital development. It must become a foundational principle across law, governance, and public life. Only by adopting a comprehensive, inclusive, and strategic approach can the country move from reactive enforcement toward meaningful cyber resilience.

6. Recommendations

1. Legal Reform and Strategic Realignment

North Macedonia’s current legal architecture is reactive and fragmented. The Criminal Code provides a foundational definition of cybercrime but lacks the structure needed for systemic cybersecurity governance. Legal responsibilities are scattered across institutions, and critical sectors have no binding obligation to report incidents or conduct risk assessments.

To move forward, North Macedonia must adopt a dedicated cybersecurity law. Such legislation should define institutional mandates, establish oversight mechanisms, and integrate cybersecurity into national policy. Without this foundation, strategic documents will remain non-binding and ineffective. A shift from incident response to proactive risk management is critical.

Key Recommendation: Enact a standalone cybersecurity law modeled after the Czech framework, with clear provisions for institutional coordination, compliance auditing, and mandatory incident reporting.

2. Institutional Strengthening

MKD-CIRT, while technically capable, lacks the legal authority and financial autonomy to drive national strategy. Its current position under the Agency for Electronic Communications limits its ability to influence cross-sector policy or initiate binding actions.

North Macedonia should either expand MKD-CIRT’s role or establish a new national cyber authority with regulatory power, independent oversight, and coordination mandates similar to NÚKIB in the Czech Republic.

3. Mandatory Risk Assessment and Reporting

Currently, there are no formal obligations for public or private entities to assess cyber risk or report incidents. This undermines national preparedness and prevents the development of shared threat intelligence.

A national cybersecurity law should require critical infrastructure operators, financial institutions, and digital service providers to conduct periodic risk assessments and report all cyber incidents to a centralized authority.

4. Cybersecurity Education and Public Awareness

North Macedonia must move beyond ad hoc awareness campaigns. Cyber literacy should become part of the formal education system, beginning in primary school and extending through vocational and university-level programs. Public awareness campaigns must be legally mandated, strategically funded, and evaluated for impact.

Digital resilience is not merely a technical issue but a social one. Citizens must be equipped with the skills and knowledge to navigate online risks, identify threats, and act responsibly in digital environments.

5. Technology, AI Readiness, and Workforce Development

The integration of artificial intelligence into government and private sector operations creates both opportunities and vulnerabilities. As AI tools become more widespread, North Macedonia must invest in secure infrastructure and build legal frameworks for ethical and accountable AI use.

Training the next generation of cybersecurity professionals is essential. Public investment should support academic programs in cybersecurity, digital law, and AI governance. This includes scholarships, institutional grants, and partnerships with EU institutions.

6. Regional Cooperation and Civic Engagement

Cybercrime in Southeastern Europe often crosses borders due to shared language, infrastructure, and market integration. Regional cooperation under frameworks like the Budapest Convention should be expanded through practical exchanges, shared monitoring systems, and harmonized enforcement protocols.

Equally important is civic engagement. Citizens are not merely targets—they must be treated as stakeholders. Governments should foster a culture of transparency by openly communicating about threats, offering real-time public alerts, and encouraging safe digital behavior. Ethical hacking programs, crowdsourced vulnerability reporting, and public education campaigns can all contribute to a more resilient society.

References

  1. United Nations Office on Drugs and Crime. Comprehensive Study on Cybercrime. Vienna: United Nations, 2013. https://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf.
  2. Secureworks. 2024. Boardroom Cybersecurity Report 2024. Atlanta: Secureworks, November 5, 2024. https://www.secureworks.com/centers/boardroom-cybersecurity-report-2024.
  3. Republic of North Macedonia. Criminal Code. Ministry of Justice. Accessed May 8, 2025. https://www.pravda.gov.mk/.
  4. State Statistical Office of the Republic of North Macedonia. MakStat Database. Accessed May 8, 2025. https://makstat.stat.gov.mk/.
  5. Alfa.mk. “Cybercrime Is a Serious Problem That Spares No One.” November 25, 2024. https://alfa.mk/sajber-kriminalot-e-seriozen-problem-od-koj-nikoj-ne-e-poshteden/.
  6. Global Initiative Against Transnational Organized Crime. “Cyber-Enabled Crime in South Eastern Europe.” Risk Bulletin #19. August 2024. https://riskbulletins.globalinitiative.net/see-obs-019/01-cyber-enabled-crime-south-eastern-europe.html.
  7. E-Governance Academy Foundation. National Cyber Security Index: North Macedonia. Accessed May 8, 2025. https://ncsi.ega.ee/country/mk_2022/?pdfReport=1.
  8. E-Governance Academy. 2025. National Cyber Security Index – Czech Republic and North Macedonia. https://ncsi.ega.ee/
  9. Ministry of Justice of North Macedonia. 2025. Criminal Code of the Republic of North Macedonia. https://www.pravda.gov.mk/
  10. MKD-CIRT. 2023. Annual Work Program 2023. https://mkd-cirt.mk/wp-content/uploads/2023/03/20221025_Programa_za_rabota_2023.pdf
  11. Global Initiative Against Transnational Organized Crime. 2024. “Cyber-Enabled Crime in South Eastern Europe.” Risk Bulletin #19. https://riskbulletins.globalinitiative.net/see-obs-019/
  12. NÚKIB (National Cyber and Information Security Agency). 2023. “Cybersecurity Strategy of the Czech Republic 2021–2025.” https://nukib.gov.cz/
  13. Czech Republic. 2014. Act No. 181/2014 Coll. on Cybersecurity.
  14. MKD-CIRT. 2023. Annual Work Program. https://mkd-cirt.mk
  15. Achkoski, Jugoslav. 2024. Interview with Kanal 5, February 18.
  16. Selmani, Sevdali. 2024. National CIRT Annual Report. https://mkd-cirt.mk
  17. U.S. Treasury. 2023. “Treasury Sanctions Entities Linked to Predator Spyware.” December 11. https://home.treasury.gov/news/press-releases
  18. Council of Europe. 2001. Budapest Convention on Cybercrime. https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185
  19. Global Initiative Against Transnational Organized Crime. 2024. “Cyber-Enabled Crime in South Eastern Europe.” Risk Bulletin #19. https://riskbulletins.globalinitiative.net/see-obs-019
  20. MKD-CIRT. 2023. National Strategy Draft and Annual Report. https://mkd-cirt.mk
  21. Rolaw.mk. 2024. “Draft Cybercrime Strategy Published.” https://www.rolaw.mk
  1. United Nations Office on Drugs and Crime. Comprehensive Study on Cybercrime. Vienna: United Nations, 2013. https://www.unodc.org/documents/organized-crime/UNODC_CCPCJ_EG.4_2013/CYBERCRIME_STUDY_210213.pdf.
  2. Secureworks. 2024. Boardroom Cybersecurity Report 2024. Atlanta: Secureworks, November 5, 2024. https://www.secureworks.com/centers/boardroom-cybersecurity-report-2024.
  3. Republic of North Macedonia, Criminal Code, Ministry of Justice, accessed May 8, 2025, https://www.pravda.gov.mk/.
  4. Council of Europe. 2001. Budapest Convention on Cybercrime. https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185
  5. Global Initiative Against Transnational Organized Crime. 2024. “Cyber-Enabled Crime in South Eastern Europe.” Risk Bulletin #19. https://riskbulletins.globalinitiative.net/see-obs-019
  6. Rolaw.mk. 2024. “Draft Cybercrime Strategy Published.” https://www.rolaw.mk
  7. State Statistical Office of the Republic of North Macedonia, MakStat Database, accessed May 8, 2025, https://makstat.stat.gov.mk/ ; graph created by the author.
  8. While the Criminal Code of North Macedonia defines multiple computer-related offenses under Articles 251-a to 251-e, not all of these appear as distinct categories in the official statistical tables published by the State Statistical Office (MakStat). This is not due to omission, but rather due to how crimes are reported, grouped, or prosecuted in practice. For example, offenses such as unauthorized access (251-a) and data interference (251-b) are often aggregated under a broader category like “unauthorized access and damage to computer systems.” Other articles, such as exceeding authorization (251-v) or hindering system functionality (251-g), may be underreported or not actively prosecuted during the observed period (2017–2023), and therefore are not separately visible in the dataset. This reflects a common gap between the legal framework and real-world statistical reporting, where not all codified offenses result in measurable case data year to year.
  9. Achkoski, Jugoslav. 2024. Interview with Kanal 5, February 18.
  10. Selmani, Sevdali. 2024. National CIRT Annual Report. https://mkd-cirt.mk
  11. U.S. Treasury. 2023. “Treasury Sanctions Entities Linked to Predator Spyware.” December 11. https://home.treasury.gov/news/press-releases
  12. Czech Republic. 2014. Act No. 181/2014 Coll. on Cybersecurity.
  13. MKD-CIRT. 2023. Annual Work Program. https://mkd-cirt.mk

 

Tags:

Guest Author

About Guest Author

Blue Europe's guest authors contribute specialised insights on Central and Eastern European affairs. These authors, whether invited or unsolicited, include experts from academia, politics, journalism and independent research. While individual backgrounds may vary, each contribution is selected for its analytical rigour and relevance to the Think Tank's vision of promoting European integration and understanding. Their work supports Blue Europe's mission to provide high quality and impactful analysis on critical issues facing our continent.

You May Also Like

Romania Industry Policy Papers & Analyses Nanotechnology: Romania’s Gateway to Western European Competitiveness

Nanotechnology: Romania’s Gateway to Western European Competitiveness

Guest Author
Guest Author2025-10-29
Warsaw digital city Policy Papers & Analyses The Transition of CEE Countries to the Sixth Technological Order

The Transition of CEE Countries to the Sixth Technological Order

Guest Author
Guest Author2025-10-22
Albania European Union Policy Papers & Analyses The EU’s Foreign Policy as a Strategy for the Promotion of Human Rights: Albania’s candidacy 2009-2019

The EU’s Foreign Policy as a Strategy for the Promotion of Human Rights: Albania’s candidacy 2009-2019

Guest Author
Guest Author2025-10-15

Subscribe to our newsletter!

Close Menu
×