Montenegro and some other Balkan countries fear meddling from Moscow in what they believe is an expansion of Russian foreign policy, according to the report by RFE/RL.

Officials in Podgorica feel their country is especially vulnerable. Over the last two years, authorities in Montenegro have recorded a sharp rise in cyberattacks, mostly targeting state institutions and media outlets in that aspiring EU state on the Adriatic, RFE/RL reports.

“We are doing everything to be prepared the best we can,” Milica Jankovic, the head of the Directorate for Electronic Administration and Information Security at the Public Administration Ministry, told RFE/RL.

“We are organizing prevention and monitoring systematically, and we will try to recognize the attacks and predict them before they arise.”

Jankovic said cyberattacks in 2017 totaled around 700, a 20-fold increase over previous years.

Montenegro’s leaders also say Moscow tried to interfere in the country’s 2016 general elections, a charge that Russian officials have denied. Adding to that, the authorities and ruling parties claim that Russia sponsored a coup attempt on election day during that vote.

“Attacks with a political background are most commonly occurring in the organization of states, and malicious programs distributed in the service of states are the most massive weapons used by states in the pursuit of their political goals,” said Adis Balota, dean of the Faculty of Information Technology at the Mediterranean University in Podgorica.

“Montenegro before every election cycle or change, and not only Montenegro, but also the region — Macedonia, Serbia, Bosnia-Herzegovina. The activity of such attacks or attempts to attack a certain state infrastructure is always increasing,” Balota added.

Montenegro’s government has stopped short of officially pinning the attacks on Russian sources.

But IT security firms such as FirstEye and Trend Micro say they have seen evidence tying many of them to APT28, a Russian hacker group also known as Fancy Bear and a half dozen other sobriquets, which has been tied by U.S. intelligence services and private cybersecurity analysts to the Russian military intelligence service, GRU.

Fancy Bear has been accused of attempted election interference and cyberattacks on NATO, the White House, and possibly a handful of German government institutions.

The EU’s Agency for Network and Information Security (ENISA) has said Montenegrin infrastructure has been targeted by Fancy Bear.

Russia “is likely to continue using cyber capabilities to undermine Montenegro’s smooth integration into the alliance,” according to Tony Cole, vice president and chief technology officer for global government at FireEye.

The Kremlin has strongly denied any role in the attacks on governments, media, or elections worldwide.