• 15 hours These Millionaires Are Looking To Close The Income Gap
  • 19 hours Huawei Given The Green Light To Build 5G Network In The UK
  • 21 hours Five Things To Watch In The Battery Metals Market
  • 23 hours What Investors Need To Know About The Coronavirus
  • 2 days General Motors To Spend $2.2 Billion On Detroit Electric Vehicle Plant
  • 2 days Copper Slides Under Coronavirus Concerns
  • 2 days Low Gold Miner Valuations Reveal Upside Potential For The Industry
  • 2 days JPMorgan Urges Investors To Buy The Coronavirus Dip
  • 2 days The Survival Of A $2.7 Trillion Market Rests On This Tiny Niche
  • 3 days U.S. Moves To Bar Iranians From Investor Visas
  • 4 days Why Germany Is Going To War With Gold
  • 5 days Gold Is Still Cheap Compared To Stocks
  • 6 days Are Cryptocurrencies Funding Terrorism?
  • 6 days Promising Oil Companies To Watch In 2020
  • 7 days Could China's Coronavirus Outbreak Impact U.S. Stocks?
  • 7 days Tesla Stock Continues To Soar
  • 8 days What New Economic Data Reveals About Gold's Trajectory
  • 9 days The Lucrative New Tech Hijacking Your Privacy
  • 9 days The Biggest Loser In The China-U.S. Tariff Tit-For-Tat
  • 10 days Trade War Takes Its Toll On Shipping
  1. Home
  2. News
  3. Breaking News

Bulgaria’s Revenue Agency Falls Victim To Biggest Cyber Heist In History

Hackers

When you hear of large-scale cyber-attacks, you probably conjure up images of nefarious computer geeks outmaneuvering state-of-the-art infosec systems and spiriting away mountains of precious data. Turns out, it’s more like taking candy from a baby.

The sheer speed and ease with which Russian hackers have been infiltrating global digital networks has become something of a running joke. 

And the Bulgarian government has become the latest victim to discover this the hard way after suffering its biggest cyber heist in history. 

Russian hackers have infiltrated Bulgaria’s revenue agency, the NRA, and stolen personal records of five million taxpayers in a spectacular phishing attack.

The heist was so extensive that it’s feared that 2 out of 3 of the country’s adult records have been compromised—the largest ever data breach for the Balkan nation. 

The Bulgarian prime minister, Boyko Borissov, has called an emergency meeting to examine the extent of the damage and has also apologized to the country.

Casual sociopaths

The leaked information includes names, personal data and the financial earnings of both individuals and companies. 

Finance Minister Vladislav Goranov has revealed that said that the hackers infiltrated more than 110 of the agency’s databases (about three percent of its total count) though he has reassured citizens that no classified information or anything that can endanger financial stability was accessed. 

The government plans to seek help from the EU cybersecurity agency to perform extensive audits of its most sensitive systems.

The motive of the attack is yet to be established though it’s suspected to be an act of retaliation after the Bulgarian government purchased several U.S. F16 fighter jets.

Related: Climate Change Turns Mammoths Into $40M Market It could also be a bad case of casual sociopathy considering the attackers sent the Bulgarian government an email taunting "…the state of your cybersecurity is a joke." 

Indeed, the finance minister has already rejected a possible link to the jet purchase pointing out that the attack happened before the deal was approved. Bulgarian media also received emails containing download links for the stolen data from the hackers via Russian mail provider, Yandex--yet another cynical jibe.

More of the same

Your guess is as good as ours that this will not be the last time Russian hackers infiltrate sensitive databases of governments, companies and businesses and steal valuable information.

After all, Russian hackers are rated the most proficient in the world. Ok, you are probably wondering how they rate hackers seeing that the felons would not exactly be willing to take speed tests to rank how fast they crack codes.

In the hand-wringing forensic study of a breach, the main focus is the first point of intrusion. How quickly an intruder can move from that beachhead to a full-on attack, aka the breakout speed, is considered a nice proxy of their skills.  

And it turns out nobody beats the Russians.

In 2018, cybersecurity firm CrowdStrike analyzed 30,000 attempted breaches and found that Russian state-sponsored hackers have, by far and away, the fastest breakout speed—just 19 minutes from the initial intrusion to escalating their privileges within a network. That’s incredibly fast considering the average breakout speed is close to five hours. 

Second-ranked are North Korean hackers who pull off the feat in about two hours longer than Russians while third-ranked Chinese hackers take about four hours.

Related: Tesla, Apple Claim China Is Stealing Intellectual Property

There are a couple of reasons why Russian hackers are so good at their trade, including a superior IT and computer science education right from the junior level and a dearth of outlets like Silicon Valley where to channel those skills.

So, which countries are at the biggest risk? 

Governments with a low level of commitment to cybersecurity, including many third-world nations, are at the highest risk of cyberespionage.

(Click to enlarge)

Source: Brookings.edu

According to the Security Magazine, Algeria, Indonesia, Vietnam, Tanzania, and Uzbekistan are the least cyber secure countries in the world while Japan, France, Canada, Denmark, and the United States in that order are the least vulnerable to attacks.

Incidentally, the least cyber secure nations also experience the least telnet attacks (originating from within the country)--meaning that they are mostly the victims of foreign hackers.

By Alex Kimani for SafeHaven.com

More Top Reads From Safehaven.com:

Back to homepage

Leave a comment

Leave a comment