Calendar - October
Mon Tue Wed Thu Fri Sat Sun
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31  

    • Anticorruption
    • Administrative register

    CERT Bulgaria registered 319 cyber-attacks in December 2014

    23 January 2015

    ksimonski.jpgIn December 2014, CERT Bulgaria registered 319 cyber-attacks, of which 37  are defined as threats of very high risk, said Krassimir Simonski, Executive Director of Executive Agency „Electronic Communication Networks and Information Systems” (EA ECNIS) at the opening of the IT security conference.  The most frequent attacks are malware – 67 %,  Distributed Denial of Service attacks (DDoS) are  18 %, intrusion attempts are 8%, and spam is 4%. Cyber crimes have made their way into most aspects of our life. Their target is not just the economy, but politics as well. More and more players are involved and we are already talking about organised crime,  added Simonski.  He disclosed that EA ECNIS has implemented special software as part of the protection of the Agency’s network that visualises the traffic. „The picture is overwhelming – the network swarms with parasites and viruses and the fact that we cannot see them with a naked eye is not calming because they are doing their job“, said the Executive Director of EA ESMIS. He pointed out that the information security mechanisms should enter state governance and that is not just a matter of technologies, but also of governance mechanisms and policies.

     The Computer Security Incident Response Team (CERT Bulgaria) to EA ESMIS has received and processed 2949 signals of breaches in and from the Bulgarian Internet space in 2014, stated Vasil Grancharov, director of CERT Bulgaria. The automated systems have sent 1832 signals, and 1117 have come from other CRTs and other organisations, including banks.  The total number of affected IP addresses is over 46 thousand, but the number of computers is much higher since, because a number of IP addresses include computer networks with lots of computers, he added. It is important to know that not every received signal is necessarily an incident, pointed out Vasil Grancharov during the conference. Of all incidents DDoS attacks have the largest share (41%), followed by malware (35,6%), intrusion attempts (4,7%) and botnets (3,32%).

    IMG_2478.JPG„Man is the weakest link in information security and most attacks are directed at people rather than the systems themselves, commented Vasil Grancharov. The IT systems in some state organisations are certified for information security, as required by the relevant ordinance. Certification, however, is not enough, since legislation  does not provide for liability in case of information security breaches“, added Grancharov. In his opinion, the situation in the field of information security is such that one cannot rely on assistance from the state only.

    445 bn dollars is the estimate of the global losses from breaches in IT security, which equals from 0,5% to 0,8% of the gross product of the world, said Vim van Kampen, vice-president of Intel Security/McAfee for Northen and Eastern Europe. According to the CSIS report, the losses from cyber crimes are very difficult to quantify, since those affected very often do not disclose information about the attacks fearing that their reputation may suffer which will increase their indirect losses.  „IT are very important for the economy, and in Bulgaria this sector creates many jobs. However, IT have sense for the economy only if protected and used properly“, believes van Kampen. In his opinion, social engineering aims at provoking the user, irrespective of whether the attack targets the individual person or the whole organisation or infrastructure. The idea is that the user is challenged to enter in some interaction with the network, for example, clicking on a link, and the path for the attack is open, he commented. P1020013.JPG

    The IT Security Conference was organised by Computer 2000 Bulgaria, MTITC and EA ECNIS.


    • Development of Broadband in Republic of Bulgaria
    • National Portal for Spatial Data
    • National centre for supercomputing applications
    • Computer Security Incidents Response Team