Bulgaria’s 7m people awoke last week to news that the country had fallen victim to a hack on its National Revenue Agency (NRA), a breach exposing the personal records of close to every tax-paying citizen in Bulgaria.
Authorities were quick to track down and arrest the suspected hacker but not before personal data of more than 5 million Bulgarians, including names, addresses, income and personal identification numbers stretching back 10-years were breached.
In this case the hack appears to be politically motivated with data leaked by the hacker sent to journalists, alongside an email criticizing the Bulgarian government.
The hack raises serious questions on the cyber security practices of Bulgarian government, particularly as the NRA was seen to be one of the country’s most technically advanced administrations.
Through a simple SQL injection – a practice that should be easy to detect and mitigate through adequate software requirements, acceptance testing and regular scanning of publicly facing services for vulnerabilities – the hacker was able to quickly access and download 21 gigabytes of citizen data.
There are now serious question marks on Bulgaria’s cyber security practices and a call from the public for government to act. Whilst a Bulgarian citizen has been arrested, uncertainty remains on whether other parties such as organized criminal groups or even nation-states are behind the hack.
Best practice cyber security for governments
When it comes to vulnerability to cyber-attack there are a number of effective measures governments can put in place to safeguard the data they are responsible for.
Whilst Bulgaria’s data breach relates to software vulnerabilities, the number one cause of data breach for governments and enterprises continues to be through password-focused hacks.
Through adopting best practice multi-factor authentication using cryptographically protected digital identities, governments and enterprises alike are able to provide secure, seamless access for citizens and employees and minimize the threat of hackers via phishing, malware, social engineering, brute force and many other password-cracking threats.
MyID credential management software enables the world’s governments and enterprises to provide secure, seamless access into IT environments for citizens and employees using the strongest form of multi-factor authentication, across the technology they want to use.