Podcast in English
Text size
Bulgarian National Radio © 2024 All Rights Reserved

How broken is cybersecurity in Bulgaria: the hack attack against the National Revenue Agency

Photo: dnevnik.bg

On 15 July, media and public institutions in Bulgaria found out, from a website based abroad, that there had been a hack attack against the database of the National Revenue Agency (NRA) without anyone knowing anything about it. On the following day, an anonymous male, presenting himself as Russian married to a Bulgarian wife, said for a TV station that he was behind the attack but an agency spokesperson denied it. A source at the General Directorate for Combating Organized Crime told the Bulgarian National Radio that an employee of a Bulgarian cybersecurity company had been detained for the hacker attack. 

The authorities are not disclosing any details under the pretext that the investigation is still at the beginning though their actions indicate they are very concerned about the state of cybersecurity in Bulgaria.

And with good reason:

In August 2018, the commercial register in Bulgaria came down. In 2015, slap in the middle of the local elections, the websites of the Interior Ministry, the Central Electoral Commission and several other institutions were hacked. These incidents may be different yet they raise one question – is the state providing sufficient protection to its institutions, registers and e-services? A question the state is asking itself too, if yesterday’s statement by Interior Minister Mladen Marinov is anything to go by. As he put it the latest attack against the NRA should be a red flag for all major administrative systems in the country. On his part, Finance Minister Vladislav Goranov said in parliament that the information in the NRA’s database was protected but apologized to the people affected by the hacking attack. In the words of the interior minister files have been hacked containing data about hundreds of thousands of Bulgarian citizens, their names, national identification numbers, as well as the names of Bulgarian companies with their unique identifiers. Prime Minister Boyko Borissov even convened the Council of Ministers’ Security Council over the hack attack. The Security Council makes operating decisions that are mandatory. 

That the powers-that-be are worried is evident from other steps the government has taken. Bulgaria asked for help from the European Commission and from the EU Agency for Cybersecurity. European Commissioner for Digital Economy and Society Mariya Gabriel has been made aware of the details of the incident. The government is expecting full cooperation, in the coming days, from the European Union Agency for Network and Information Security, based in Greece.

Reactions by experts have varied widely. One of them, who found his own name in the leaked personal data base, described the NRA hack as “IT Chernobyl”. Others tend to agree with the Finance Ministry that “the data leaked are not all that valuable”. From the very beginning of the disclosures, there have been some who have warned, and it looks like they were right, that “in 90 percent of hacker attacks such as this one there is an insider”. One expert commented for the Bulgarian National Radio that hacker attacks like this one are an everyday occurrence in the world, and though this is the first attack with such a far-reaching effect on personal data in Bulgaria, ultimately this is a “standard situation”.

But since 2015 we have been witnessing a great many “standard situations”, and some of the reactions show a tendency of looking for the roots of the hack attacks against Bulgarian institutions in places outside the country, usually Russia. None of these accusations, since 2015, have ever been corroborated, and as to the latest attack on the NRA, the agency’s spokesperson Rosen Bachvarov stated that the people who had instigated it were Bulgarian. However at this point there is no proof that this is so either. If the authorities adduce evidence to this effect, then the people affected will be able to sue concrete perpetrators instead of the state, as some have already threatened to do.



Последвайте ни и в Google News Showcase, за да научите най-важното от деня!
Listen to the daily news from Bulgaria presented in "Bulgaria Today" podcast, available in Spotify.

More from category

Nuredin Nuredinaj

Nuredin Nuredinaj from Gòra: "We must return to human values and preserve our identity"

Nuredin Nuredinaj comes from the historical-geographical region of Gòra in Northeastern Albania, where 90% of the inhabitants identify themselves as Bulgarians (data from the census in 2023).  Over 7 thousand Bulgarians live in Albania  The..

published on 11/26/24 2:05 PM
Emma, the new humanoid robot of the Varna Regional Library.

Robot Emma to give presentations at Varna library

The Varna Regional Library "Pencho Slaveykov" has acquired a humanoid robot. It was unveiled by the library's director, Radka Kalcheva, during the celebration of the 20th anniversary of the library's American Corner, in the presence of Eric Brasel, the..

published on 11/23/24 4:56 PM

Burgas city center closes for a half marathon on Sunday

1000 participants will take part in the first Burgas Half Marathon, which will take place this Sunday, 24 November. The event will bring together amateurs and professionals of different ages who will compete in three distances - 1 km, 10.5 km and 21 km...

published on 11/22/24 6:14 PM