Search for...

How Prepared is Bulgaria to Fight Cyber Attacks? Experts Weigh in

A hacker in a black hoodie on a laptop and a padlock in the background
Image credit: Canva
, ~

Last Saturday,  15th of October, Bulgaria woke up to the news that several Bulgarian websites of state institutions, media platforms, telecom providers, and airports had been a target of a cyberattack from the distributed denial-of-service (DDoS) type, making them inaccessible for several hours. This is the latest Bulgarian cyberattack after the hacking attempt against The Bulgarian Food Safety Agency this August and the ransomware attack against Bulgarian posts earlier this year in April.

Worldwide scale cyber threats have significantly increased since the start of the pandemic. In addition, Ukraine’s ongoing war further reinforced the demand for institutions to take better measures and invest more resources into the war against hackers.

Among the most common methods that hackers use to get access to sensitive information or to take control of a certain computer system are phishing attacks, spear phishing attacks, ransomware, and man-in-the-middle. According to the Ministry of e-Governance, 80% of all malicious attempts in Bulgaria are phishing attacks and about 57% of all Bulgarian institutions have to face and prevent hacker attacks on a daily or monthly basis. 

To put the recent Bulgarian cyberattack in context, by discussing the level of cybersecurity in the country and whether its institutions are prepared to deal with different scenarios of cybercrime,, a Bulgarian finance and business media platform, gathered a panel of experts at the event Tech of Tomorrow. The discussion was joined by Dimitar Pavlov – Cybersecurity Manager at A1, a Bulgarian telecom service provider, Vihren Slavchev – Executive Director of Mnemonica, IT security and data storage advisor company, Bozhidar Bozhanov – Member of Parliament and a former minister of e-government, and Spas Ivanov, Managing Partner at IT Baseline, data security, and protection IT company.

Sound cybersecurity strategy – Vital Ally in the Raging War Against Hackers

Panelists on the stage of Tech for Tomorrow event talking about the bulgarian cyberattack
The panelists on the stage of Tech for Tomorrow event

According to Dimitar Pavlov, “before it was much easier for a person with malicious intents to break into a government digital infrastructure and extract data but now things are much better than what they were 10 years ago”.  Later in the discussion, he added that cyberattacks have increased worldwide, especially after the beginning of the war in Ukraine. According to his observations, especially in Bulgaria, the most common cyberattacks are against web applications.

Read more:  BSides Conference in Sofia Will Gather Cybersecurity Professionals and Aficionados

The former Minister of e-Governance, Bozhidar Bozhanov presented his concerns that even though the Bulgarian state administration has improved its level of preparation regarding cybersecurity, there is a lot to be desired. He remarked that generally Bulgaria and Europe are lagging behind because of the lack of trained staff. Bozhanov pointed out that Bulgaria has lots of cybersecurity experts and IT security companies but they are simply not enough.  

In addition, the state administration often does not know how to react in the face of such threats. Despite this, he pointed out that the first steps have been made in the right direction – “we managed to convince the managers and the leading figures in the state administration that cybersecurity is something important and that, in the long run, it is worth investing in it”.

We have clarity on what measures we have to take. However, we need to make improvements in the human resources and its organization”, said Bozhidar Bozhanov.


Vihren Slavchev of Mnemonica was much more critical of the current situation, directly saying that “we are not prepared”. He added that “right now, the modern, hybrid wars typically begin with cyber offensives.”

The expert also noted that cyberattacks are progressively increasing. What is more concerning, however, is that hackers tend to work in organized structures and not in a chaotic manner. This gives them the upper hand because they are able to communicate and exchange information with each other faster. According to him, government structures would be much more prepared if they had an internal system for quick information transfer. 

Spas Ivanov of IT baseline noted that most of the technical problems we are currently facing could be easily resolved “with money” and through different types of financing. However, the real problem is the lack of enough qualified people who would maintain the infrastructure once it has been built. He noted that in order to attract more cybersecurity experts, the state administration has to offer more attractive working conditions. 

Read more:  5 Must-Attend Deep Tech Events in 2024
Many government structures have spent money and have invested in good technologies. Unfortunately, they are not implemented and maintained correctly”, said Spas Ivanov.
The evolution of cyberattacks

In the second part of the panel that followed the recent Bulgarian cyberattack, the experts went on to discuss the most common cyberattacks. Spas Ivanov of IT baseline noted that while phishing attacks are the simplest ones, hackers’ tactics are constantly evolving. Ultimately, the end goal of every hacker is not only to get access to the victim’s personal information but to monetize it. For example, with a spear phishing attack, the hacker can get access to credit card information that has been saved in the browser of the victim. He added that the most profitable attacks are the so-called ransomware attacks. They are designed with the idea to get access to the victim’s sensitive information, to encrypt it, and to ask for ransomware in exchange for the key. He added that ransomware attacks are a trillion dollars business. 

Vihren Slavchev of Mnemonica pointed out that spear phishing attacks account for about 60% of all malicious intents. They are much more difficult to execute and involve “social engineering” tactics. The hacker has to study the victim very well and usually, those attacks require between 9 and 12 months of preparation. Normally, these types of attacks target companies or organizations. He points out that nowadays we are very vulnerable to these attacks because people tend to overshare personal information that later can be used against them. 

The panelists also talked about deepfake as one of the modern ways of internet scams. Deepfake is a synthetic media that uses artificial intelligence and machine learning to create photos and videos of people whose appearance resembles someone else’s face, body movements, and even voice. Pavlov noted that this technology is becoming more widespread and there are even websites where one can buy an entire identity with a passport with a unique social security number and even a photo.

Read more:  From Drones to AI and Cybersecurity: A Glimpse Into the Future of War Tech

According to Slavchev, deepfake can be used as a “means of mass manipulation only with the help of a simple website”. He compared deepfake to the most serious cyber threats. 

In the end, the panelists all agreed that disinformation and lack of proper digital literacy put at risk not only common people but also big organizations and state structures. It is crucial for everyone to have good cyber hygiene.

Thank you for reading The Recursive!

Over 1 million people from all over the world have learned about the tech ecosystem in Central and Eastern Europe thanks to The Recursive. In order to keep our content free for everyone, we need your help. If you believe what we do is important and have the means to do so, support us in giving a voice to Central and Eastern Europe with as little as €7. Thank you!

DONATE Keep reading this article

Help us grow the emerging innovation hubs in Central and Eastern Europe

Every single contribution of yours helps us guarantee our independence and sustainable future. With your financial support, we can keep on providing constructive reporting on the developments in the region, give even more global visibility to our ecosystem, and educate the next generation of innovation journalists and content creators.

Find out more about how your donation could help us shape the story of the CEE entrepreneurial ecosystem!

One-time donation

You can also support The Recursive’s mission with a pick-any-amount, one-time donation. 👍