EN
MK
AL
Ministry
About the Ministry
Minister
Deputy minister
State secretary
Bureau for Public Security
Internal Control
Disciplinary and Judicial Proceedings
Legal Affairs
International Cooperation
Training Center
Security of Classified Information and Cooperation with NATO
Informatics and Telecommunications
Finance
General and Common Affairs
Offenses
Cyber Security
Analyses and statistics
Summary analysis
Border Affairs
Projects and campaigns
Projects
Campaigns
Prevention
Legislation
Laws
Draft Laws
By laws
Strategies
Organogram
Commission for Weapons
Links
Ministries
Institutions
Organizations
Services
Civil Proceedings
EXIM
Instructions and Procedure for Individual Rights (Requests) of Foreigners
Traffic
Taking a Driving Test
Useful Information for RNM Citizens Living Abroad
Addresses and Contact Phone Numbers
Public relations
Department for Public Relations and Strategic Issues
Assistant Minister in the Department for Public Relations and Strategic Issues
Spokespersons
Daily Bulletins
Media center
Public procurements
Data Protection Officer
Free access to information
Magazine
Transparency
Service Expenditures
 

One click to all services

https://uslugi.gov.mk/
https://data.gov.mk/
Home
Ministry
Cyber Security

Cyber Security Unit (MVR-SOC)

About us

On 15.07.2025, the Government formally approved the establishment of the Cybersecurity Unit, adopting a new organizational structure within the Ministry of Interior to enhance its cybersecurity framework. This strategic initiative underscores our commitment to safeguarding critical infrastructure and ensuring robust protection against cyber threats.

 

The Cybersecurity Unit (MVR-SOC), established within the Department of Informatics and Telecommunications, serves as a Security Operations Center (SOC) with primary Computer Incident Response Team (CIRT) functionalities. The unit is dedicated to proactive monitoring, detection, and response to potential security threats, reinforcing the commitment to safeguarding systems and data. By ensuring confidentiality, integrity, and availability, the MVR-SOC effectively addresses cyber security, enhancing the organization's cybersecurity posture.

* For reporting cases related to computer crime, please contact the Skopje Police Department (SVR Skopje), Economic and Computer Crime Division located at MRTV on the 2nd/3rd floor, or the nearest Police Department (SVR), Economic and Computer Crime Unit, or on the e-mail> cybercrime@moi.gov.mk.

Cybersecurity Activities

  • Threat Monitoring and Detection - Our SOC continuously monitors network traffic, systems, and endpoints using advanced tools like SIEM and IDS/IPS to detect potential threats such as malware, phishing, and DDoS attacks in real-time.
  • Incident Response - We swiftly respond to security incidents, mitigating risks and minimizing impact. Our team conducts investigations (in colaboration with cyber cryme unit and forensics department), implements containment strategies, and provides post-incident reporting and recommendations to prevent recurrence.
  • Cybersecurity Awareness - We conduct regular training and awareness programs to educate employees about cybersecurity best practices, phishing prevention, and safe digital habits to strengthen our ministry's security culture.
  • Vulnerability Management - We regularly scan, assess and prioritize vulnerabilities in our systems, applying patches and updates to reduce exposure to potential exploits and maintain a robust security posture.
  • Threat Intelligence - Our analysts gather and analyze threat intelligence to stay ahead of emerging risks, leveraging data to anticipate and prepare for potential cyberattacks targeting our ministry or region.
  • Coordination with External Entities - We collaborate with external organisations and security agencies to share threat intelligence, align on best practices, and ensure compliance with cybersecurity regulations.

 

RFC 2350 documentation and contact can be found below.

 

1. Introduction

This document outlines the operations of the Cybersecurity Unit (MVR-SOC) of the Ministry of Interior in accordance with RFC 2350. It details the SOC's mission, services, and procedures for handling security incidents.

 

1.1 Overview

Version 1.0 - 22.07.2025

 

1.2 Distribution List for Notifications

Changes to this document will be announced via the Ministry of Interior’s SOC website at https://mvr.gov.mk/en-GB/ministerstvo/cybersecurity. Changes are not disseminated via mailing lists, RSS feeds, or other automated distribution mechanisms.

 

1.3 Locations where this Document May Be Found

The current version of this document is always available at this page.

 

1.4 Authenticating This Document

This document is signed with the MVR-SOC’s PGP key. The public key is available below on this page.

 

2. Contact Information

2.1 Name of the Team

English: Cyber Security Unit of the Ministry of Interior

Macedonian: Одделение за сајбер безбедност на Министерството за внатрешни работи

Short name [EN]: MVR-SOC

Short name [MK]: МВР-SOC

 

2.2 Address

Ministry of Interior
Ul. Dimche Mirchev 9
1000 Skopje
Republic of Macedonia

 

2.3 Time Zone

CET

 

2.4 Telephone Number

Working hours: +389 (0)72 334 012
Emergency phone: +389 (0)2 3117 222

 

2.5 Facsimile Number

N/A

 

2.6 Other Telecommunication

Internet Website: https://www.mvr.gov.mk

 

2.7 Electronic Mail Address

soc@moi.gov.mk

 

2.8 Public Keys and Encryption Information

The e-mail address (soc@moi.gov.mk) used by MVR-SOC shares the same PGP key:

  • Key Id: 0 x C06C0A5B
  • Key Type: RSA 4096
  • Key Fingerprint: 6367 3F63 C8BC A7F1 69C1 15C4 4536 1E5D C06C 0A5B

Public key mvr-soc_public.key

The public key and its signatures can be found on public key servers and at https://mvr.gov.mk/en-GB/ministerstvo/cybersecurity. This key signs all MVR-SOC communications and is used for confidential communication (incident reports, alerts).

 

2.9 Team Members

The full list of MVR-SOC team members is not publicly available. Team members will identify themselves with their full name in official communications regarding incidents.

 

2.10 Other Information

N/A

 

2.11 Points of Customer Contact

The preferred method to contact MVR-SOC is via e-mail at soc@moi.gov.mk, monitored 24/7 by a duty officer.

Working hours phone: +389 (0)72 334 012
Urgent cases can be reported 24/7 by phone at +389 (0)2 3117 222.

Hours/Days of Operation: 08:00 to 16:00, Monday to Friday (except holidays). Out-of-office hours support is available for emergencies.

 

3. Charter

3.1 Mission Statement

The mission of MVR-SOC is to safeguard and support the ICT systems of the Ministry of the Interior, ensuring the confidentiality, integrity, and availability of all data within its infrastructure. MVR-SOC monitors, detects, responds to, and recovers from both intentional cyber threats and unintentional incidents that may compromise the Ministry’s ICT assets or impact Macedonian citizens.

 

3.2 Constituency

The constituency of MVR-SOC includes employees and ICT systems of the Ministry of Interior.

 

3.3 Sponsorship and/or Affiliation

MVR-SOC is part of the Ministry of Interior.

 

3.4 Authority

The establishment of the SOC is mandated by the Rulebook on the Organization of the Ministry of the Interior.

 

4. Policies

4.1 Types of Incidents and Level of Support

All cybersecurity incidents are assigned a normal priority level unless explicitly classified as EMERGENCY or URGENT.

 

4.2 Co-operation, Interaction and Disclosure of Information

MVR-SOC prioritizes operational cooperation and information sharing with other cybersecurity teams (SOCs and CIRTs) and organizations to enhance cybersecurity. All information is handled with strict confidentiality. Unless otherwise agreed, shared information is considered sensitive and disclosed only to parties directly involved in incident investigation and resolution. The Traffic Light Protocol (TLP) is used to classify and manage information sensitivity.

MVR-SOC operates in accordance with the Macedonian legal and regulatory framework.

 

4.3 Communication and Authentication

Email and telephone communications are secure for low-sensitivity information without encryption. Highly sensitive data exchanges use encryption methods like PGP. Identity verification, when required, is performed through established webs of trust or alternative methods.

 

5. Services

5.1 Incident Response

MVR-SOC supports local network and system administrators in managing cybersecurity incidents.

  • Incident Triage: Assessing the scope, priority, and impact of incidents, identifying initial resources needed.
  • Incident Coordination: Mobilizing internal resources, reaching out to external parties for assistance, and notifying affected or endangered parties.
  • Incident Resolution: Providing guidance on response actions, assisting in evidence collection for cyber-crime and forensic departments, and deploying on-site when necessary.

5.2 Proactive Activities

MVR-SOC processes Indicators of Compromise (IoCs) and disseminates relevant information to responsible contacts for affected systems. Activities include network and log analysis, threat intelligence monitoring, and vulnerability assessments. MVR-SOC issues announcements, warnings, and alerts to its constituency and contributes to improving security awareness.

 

5.3 Reactive Activities

MVR-SOC coordinates with external entities and prepares post-incident reporting with recommendations.

 

6. Incident Reporting Forms

No formal incident reporting form is available at this time.

 

7. Disclaimer

While every precaution is taken in preparing information, notifications, and alerts, MVR-SOC assumes no responsibility for errors, omissions, or damages resulting from the use of the information contained within.

 

 

Download mvr-soc RFC 2350 pdf

Download mvr-soc RFC 2350.pdf signature

Download mrv-soc public key

For inquiries or to report a security incident, please reach out to our SOC team at soc@moi.gov.mk or at soc@mvr.gov.mk.

Office hours phone: +389 (0)72 334 012
Emergency phone: +389 (0)2 3117 222

Hours/Days of Operation: 08:00 to 16:00 Monday to Friday (except holidays).

Accessibility Menu

This website uses "cookies" to improve your experience. If you accept the terms, click "I agree". Read more