/ip firewall raw
add chain=prerouting in-interface=wan source-address-list=IP2blockcountries action=drop
That should do it but the real question is do you think the bad actors from that country are actually going to use their country servers??
I think its a healthy thing to dabble in setting up such rules but its part measures at best (a stab in the dark).
If you want to have more solid protection there is at least two options I am aware of that are up and running and designed specifically for Mikrotik.
a. expensive AXIOM SHIELD (they do provide discount for serving and ex-serving members of the military) - https://axiomcyber.com/shield/
b. affordable, especially if not a business expense write-off (and developed by a fellow forum poster) - http://forum.mikrotik.com/t/moab-mother-of-all-blacklists/122053/1