• 277 days Will The ECB Continue To Hike Rates?
  • 278 days Forbes: Aramco Remains Largest Company In The Middle East
  • 279 days Caltech Scientists Succesfully Beam Back Solar Power From Space
  • 679 days Could Crypto Overtake Traditional Investment?
  • 684 days Americans Still Quitting Jobs At Record Pace
  • 686 days FinTech Startups Tapping VC Money for ‘Immigrant Banking’
  • 689 days Is The Dollar Too Strong?
  • 689 days Big Tech Disappoints Investors on Earnings Calls
  • 690 days Fear And Celebration On Twitter as Musk Takes The Reins
  • 692 days China Is Quietly Trying To Distance Itself From Russia
  • 692 days Tech and Internet Giants’ Earnings In Focus After Netflix’s Stinker
  • 696 days Crypto Investors Won Big In 2021
  • 696 days The ‘Metaverse’ Economy Could be Worth $13 Trillion By 2030
  • 697 days Food Prices Are Skyrocketing As Putin’s War Persists
  • 699 days Pentagon Resignations Illustrate Our ‘Commercial’ Defense Dilemma
  • 700 days US Banks Shrug off Nearly $15 Billion In Russian Write-Offs
  • 703 days Cannabis Stocks in Holding Pattern Despite Positive Momentum
  • 704 days Is Musk A Bastion Of Free Speech Or Will His Absolutist Stance Backfire?
  • 704 days Two ETFs That Could Hedge Against Extreme Market Volatility
  • 706 days Are NFTs About To Take Over Gaming?
  1. Home
  2. News
  3. Breaking News

Bulgaria’s Revenue Agency Falls Victim To Biggest Cyber Heist In History

Hackers

When you hear of large-scale cyber-attacks, you probably conjure up images of nefarious computer geeks outmaneuvering state-of-the-art infosec systems and spiriting away mountains of precious data. Turns out, it’s more like taking candy from a baby.

The sheer speed and ease with which Russian hackers have been infiltrating global digital networks has become something of a running joke. 

And the Bulgarian government has become the latest victim to discover this the hard way after suffering its biggest cyber heist in history. 

Russian hackers have infiltrated Bulgaria’s revenue agency, the NRA, and stolen personal records of five million taxpayers in a spectacular phishing attack.

The heist was so extensive that it’s feared that 2 out of 3 of the country’s adult records have been compromised—the largest ever data breach for the Balkan nation. 

The Bulgarian prime minister, Boyko Borissov, has called an emergency meeting to examine the extent of the damage and has also apologized to the country.

Casual sociopaths

The leaked information includes names, personal data and the financial earnings of both individuals and companies. 

Finance Minister Vladislav Goranov has revealed that said that the hackers infiltrated more than 110 of the agency’s databases (about three percent of its total count) though he has reassured citizens that no classified information or anything that can endanger financial stability was accessed. 

The government plans to seek help from the EU cybersecurity agency to perform extensive audits of its most sensitive systems.

The motive of the attack is yet to be established though it’s suspected to be an act of retaliation after the Bulgarian government purchased several U.S. F16 fighter jets.

Related: Climate Change Turns Mammoths Into $40M Market It could also be a bad case of casual sociopathy considering the attackers sent the Bulgarian government an email taunting "…the state of your cybersecurity is a joke." 

Indeed, the finance minister has already rejected a possible link to the jet purchase pointing out that the attack happened before the deal was approved. Bulgarian media also received emails containing download links for the stolen data from the hackers via Russian mail provider, Yandex--yet another cynical jibe.

More of the same

Your guess is as good as ours that this will not be the last time Russian hackers infiltrate sensitive databases of governments, companies and businesses and steal valuable information.

After all, Russian hackers are rated the most proficient in the world. Ok, you are probably wondering how they rate hackers seeing that the felons would not exactly be willing to take speed tests to rank how fast they crack codes.

In the hand-wringing forensic study of a breach, the main focus is the first point of intrusion. How quickly an intruder can move from that beachhead to a full-on attack, aka the breakout speed, is considered a nice proxy of their skills.  

And it turns out nobody beats the Russians.

In 2018, cybersecurity firm CrowdStrike analyzed 30,000 attempted breaches and found that Russian state-sponsored hackers have, by far and away, the fastest breakout speed—just 19 minutes from the initial intrusion to escalating their privileges within a network. That’s incredibly fast considering the average breakout speed is close to five hours. 

Second-ranked are North Korean hackers who pull off the feat in about two hours longer than Russians while third-ranked Chinese hackers take about four hours.

Related: Tesla, Apple Claim China Is Stealing Intellectual Property

There are a couple of reasons why Russian hackers are so good at their trade, including a superior IT and computer science education right from the junior level and a dearth of outlets like Silicon Valley where to channel those skills.

So, which countries are at the biggest risk? 

Governments with a low level of commitment to cybersecurity, including many third-world nations, are at the highest risk of cyberespionage.

(Click to enlarge)

Source: Brookings.edu

According to the Security Magazine, Algeria, Indonesia, Vietnam, Tanzania, and Uzbekistan are the least cyber secure countries in the world while Japan, France, Canada, Denmark, and the United States in that order are the least vulnerable to attacks.

Incidentally, the least cyber secure nations also experience the least telnet attacks (originating from within the country)--meaning that they are mostly the victims of foreign hackers.

By Alex Kimani for SafeHaven.com

More Top Reads From Safehaven.com:

Back to homepage

Leave a comment

Leave a comment