In the aftermath of a series of cyber attacks on state websites, Bulgarian leaders have adopted 10 recommendations for improving the country’s cybersecurity.
The recommendations were adopted at an April 14 2016 meeting of the Consultative Council on National Security, convened by head of state President Rossen Plevneliev, and bringing together government ministers, leaders of parties represented in Parliament, and defence, security and intelligence chiefs.
A statement after the meeting noted that Bulgaria recently had been the subject of intense cyber attacks, including against government departments.
During the 2015 municipal elections, there were numerous attacks on communications and information systems of various government departments and organizations, leading to the collapse of websites, denial of service and other potential threats of unauthorized retrieval of information.
“There are cases of cyber attacks against Bulgarian banks, airports and other elements of critical infrastructure,” the statement said.
Extraction of a large amount of personal data of Bulgarian and foreign citizens had been reported.
In some cyber attacks, the content of websites of state institutions and agencies had been replaced with messages containing anti-democratic and radical propaganda.
Purpose of cyber attacks is the acquisition of sensitive information, information about business relationships and transactions, which was then used to commit fraud.
“Cyber attacks result in significant financial losses to the Bulgarian and international companies, as well as Bulgarian and foreign citizens,” the statement said.
It said that the main sources of threats to cybersecurity in Bulgaria were international terrorist and other criminal organizations; countries with totalitarian regimes and countries still fragile democratic institutions systems; natural disasters and accidents; and the vulnerability of the national system of cybersecurity.
The report noted numerous shortcomings, including no integrated national and sectoral policies requiring mandatory uniform minimum security standards. Other shortcomings were the widespread use of outdated computer operating systems, unlicensed applications and devices, and the fact that many Bulgarian officials were inadequately trained regarding computers.
A working group was set up in late 2015 to come up with recommendations. There was a proposal to form a Cybersecurity Council and a National Cyber Situation Centre at the National Situation Centre, which will monitor, assess the level of threat at the national level and co-ordinate actions in response and to prevent threats. The Cabinet is preparing a plan with a roadmap up to the year 2020 to implement the objectives and measures identified in the strategy.
The Consultative Council on National Security made 10 recommendations.
The first was for the National Assembly to consider, as a priority, a bill amending the Electronic Governance Act to set up an e-government state agency and a Single System Operator state enterprise.
The Cabinet should as a priority adopt the national strategy for cyber security, proposed by the working group, after analysing the proposals on the basis of wide public discussion.
Further, the Cabinet should initiate legislative changes to transpose EU directives to ensure a high general level of network and information security in the European Union and the protection of political and electoral rights of citizens, including in cyberspace.
The Cabinet should provide the “targeted resources necessary” to build adequate capacity for cyber security and improvement of communication and information infrastructure to implement a network model of information sharing, collaboration and coordination among organizations with primary responsibility for cybersecurity.
The recommendations called on the Cabinet to provide the Interior Ministry, State Agency for National Security, Defence Ministry and other bodies with the funds to gradually increase the number of experts involved in cyber security, as well as the acquisition of technological capabilities for preventing and counteracting cyber threats.
The Cabinet should, by the end of the 2016, testing of the main elements of the national strategy for cybersecurity.
The recommendations said that the Cabinet should take action aimed at strengthening co-operation with those responsible for cyber-security institutions of the European Union and Nato.
Cabinet Ministers should oblige all state institutions to immediately inform those responsible for counter-services about cyber attacks against them. Leaders at various levels – state, municipal, private, public – should ensure the development of internal rules for network and information security in a single model.
The recommendations say that the Defence Ministry should expedite the completion of the operations center for cyber defence, according to the Development Plan of the Armed Forces of the Republic of Bulgaria to 2020, and take a more active role in organising and conducting the annual Nato “Cyber Coalition” exercise.
The Defence Ministry should also strengthen interaction with Nato’s Joint Research Centre for construction and improvement of capabilities for cyber defence and second representatives to it, the recommendations said.