Russia Aims at Montenegro

Russia is playing the long game in Montenegro, and NATO would do well to pay attention. Since 2016, it has used cyberattacks and coup attempts to redirect Podgorica toward its influence, and most recently, it landed a key ally in a powerful government position. Montenegro drifting toward Russia would not only mean a weaker NATO flank, but also losing a strategically placed ally that has become a strong regional leader in cybersecurity.

In October 2023, Montenegro’s parliament voted to form a coalition government after five months of negotiations. The pro-Russian “For the Future of Montenegro” party agreed to back pro-NATO prime minister Milojko Spajić’s cabinet in exchange for securing the position of parliament speaker—an influential political position. But the new speaker comes with significant baggage. Andrija Mandić was convicted of assisting the 2016 coup attempt, which sought to prevent Montenegro’s accession to NATO and to install a pro-Russian government. Mandić remains a staunch supporter of Russia, so much so that critics worry he will hinder the country’s EU ambitions. Mandić’s party is also set to gain four ministerial posts, further increasing the power of pro-Russian groups. This recent development comes after a series of attempts by the Kremlin to increase its influence.

The Coup Attempt

In 2016, only one day before a highly contentious parliamentary election asking voters to choose between closer ties with NATO or with Russia, the government announced that it thwarted a Russian-instigated coup attempt. The Russians charged in this case were probable members of Russia’s Main Directorate of the General Staff of the Armed Forces (GRU). Moscow was also accused of giving over 200,000 euros to purchase weapons and other supplies and to recruit participants. In her decision, Montenegrin chief judge Suzana Mugosa explained that the Russian agents tried to “change the electoral will” and “prevent Montenegro from joining NATO.” Their plan, however, failed, and Montenegro joined NATO on June 5, 2017. The appeals court has since annulled the verdict and ordered the high court to retry the case. 

Active Measures in the Cyber Domain

Undeterred, Moscow did not let its failure in 2016 bring its attempts to destabilize Montenegro to a standstill. After Podgorica joined NATO, Russia hit the country with hundreds of cyberattacks, in response to which Podgorica’s ties to NATO proved critical. NATO helped the country build up and develop its national cybersecurity infrastructure; for instance, NATO deployed the first Counter Hybrid Support Team to Montenegro to thwart hybrid attacks by pro-Russian groups in 2019. The United States also sent an elite cyber team to work with Montenegrin forces to fight malicious cyber actors in 2018 and 2019. 

Political Churn

As Podgorica’s ties to NATO expanded, however, Montenegro continued to experience a highly polarized political environment in which pro-Russian parties enjoyed considerable power. In 2020, a pro-Serbian and pro-Russian coalition came to power, ending the decades-long rule of a pro-NATO party. Despite the ruling party’s push for closer ties with Russia, however, then prime minister Zdravko Krivokapic stated that he would not try to end Montenegro’s NATO membership and would continue to work for EU accession. However, the coalition was at odds over numerous issues, including Serbian influence on Montenegro’s domestic affairs, so it was ousted in a vote of no confidence only 14 months after it came to power.

The next government was also short-lived. In August 2022, after only four months, another vote of no confidence toppled the new government after it signed a controversial agreement with the Serbian Orthodox Church. Critics of the agreement claimed it was a tool for Serbia and Russia to increase their influence in Montenegro. That government also came under fire for failing to advance the EU integration process.

Offline: Renewed Cyberattack

Around the same time in August 2022, Russia hit Montenegro with a massive cyberattack. The attack “crippled” staterun transportation services, water and electricity systems, and online platforms for several days. According to Minister of Administration Maras Dukaj, the country had never seen a cyberattack of this magnitude before. Montenegro’s government attributed the attack to the Russia-based ransomware gang Cuba ransomware, but the Agency for National Security blamed the attack “squarely on Russia,” as did Defense Minister Raško Konjević

But Montenegro had an ace up its sleeve: its membership in NATO. The Federal Bureau of Investigation’s rapid-response Cyber Action Team and France’s National Security Agency provided “onsite support to local teams in forensics, incident response, and remediation.” The United Kingdom also came to help Montenegro strengthen its cyberattack resilience. Additionally, due to NATO’s earlier cybersecurity support, the Ministry of Defense’s systems were well protected and thus did not suffer a serious breach. Public Administration Minister Marash Dukaj highlighted the value of this partnership: “Montenegro is not alone in this situation, our NATO partners are with us.” The 2022 cyberattacks were, in the end, a good news story about NATO alliances proving potent and powerful.

A Pivotal Moment: Cyber Star or Return to Russian Influence?

Montenegro has repaired the damage from the 2022 cyberattack with the help of NATO allies, and has emerged as a regional leader in cybersecurity. Montenegro was selected in November 2022 to host the Western Balkans Cyber Capacity Centre because of Podgorica’s history of cooperation with NATO and alignment with EU policy and legal frameworks. The center, an EU-initiative supported by France and Slovenia, aims to improve the region’s cyber capabilities by providing trainings for cybersecurity professionals, promoting regional cooperation and integration, and fostering cybersecurity curriculum in universities. Activities in 2024 include “Investigator training on cybercrime,” “Annual forum of heads of police specialized units,” and “CERT capacity building.” 

All this progress could be in jeopardy, however. While the newly formed government’s rhetoric regarding Montenegro’s foreign policy and EU integration goals remains steadfast, pro-Russia forces in Montenegro have considerable influence in the new government, and the government itself could not even have been formed without the backing of Mandić’s pro-Russian party.

This is a critical time for the West to focus its attention on the small Balkan state that has been a strong and important ally. Montenegrin forces fought alongside Americans in Afghanistan and have helped maintain peace in Liberia, Cyprus, and Somalia. Montenegro also plays a key stabilizing role in its historically volatile region. Additionally, with Montenegro in its membership, NATO controls the entire coast of the Adriatic Sea, an important strategic asset. Its emergence as an important defender of NATO in the cyber domain is still fragile, but promising. The country needs sustained attention from the European Union and NATO to thwart Russian aggression and influence, remain on its path to EU integration, and continue to play a stabilizing role in the region. 

Julia Dickson is a research associate with the International Security Program at the Center for Strategic and International Studies (CSIS) in Washington, D.C. Emily Harding is the director of the Intelligence, National Security, and Technology Program and deputy director of the International Security Program at CSIS. 

Research Associate, International Security Program
Emily Harding
Director, Intelligence, National Security, and Technology Program and Deputy Director, International Security Program