An entire country just got hacked: could yours be next?

We have heard of corporations getting hacked, celebrities getting hacked, but countries? Yes, sovereign nations can also be a target for cybercrime. In fact, an entire nation just got hacked!

Recently, news broke out about the theft of highly sensitive personally identifiable information of almost every working adult in Bulgaria from the National Revenue Agency.

However, Bulgaria’s tax authority wasn’t even aware of it until news outlets around the country received an email taunting the government and claiming responsibility.

The email stated (in politically incorrect language), "Your government is mentally retarded. The state of your cyber-security is a parody." It also included an appeal for the release of WikiLeaks founder, Julian Assange

While an arrest was made almost immediately in the aftermath, there are still more questions than answers.

Who’s responsible?

Over the last few years, major cybersecurity events have been blamed on state actors like China, North Korea, and Russia. For example, last year, the United States blasted North Korean hackers for the WannaCry ransomware attack and stealing millions of dollars from Bangladesh's central bank.

A few years before that, American officials blamed China for a data breach at a government agency which exposed the personal information of more than 21.5 million people.

This time it wasn’t any different. While some government officials suggested that Russia was behind it (in retaliation for the recent purchase of American-made F-16 fighter jets), the primary suspect denied any state role in this attack (even though the email originated from a Russian address).

The Russian government themselves have to deal with their own cybersecurity nightmare because the Federal Security Service (FSB), a Russian government intelligence agency, was also a victim of a breach.

Although it’s still early days, the Russian FSB hack promises to be the biggest data breach in history. In this security incident, as much as 7.5 terabytes of highly classified information was stolen.

Many of experts claim, however, that this particular data breach was a response to the Russian government’s bid to disable anonymous browsing with the Tor browser, ban social media, and isolate the country from the rest of the planet.

The FSB, like the FBI in the United States, is the most important intelligence agency at the Kremlin. However, since it also has authority over intelligence activities overseas, you can say that it’s the reincarnation of the KGB.

Getting back to the Balkans, the chief suspect in this data breach is Kristiyan Boikov. It turns out that the 20-year-old worked as a security professional at the TAD Group, a private cybersecurity firm. This led to rumors that it might have been a white hat attack to fix the broken system.

However, this doesn’t seem to be the case. At least if we’re to believe the suspect’s lawyer who claims that his name was given to the authorities by a competing cybersecurity firm.

In the following days, however, Georgi Yankov, a manager at the Tad Group, was also arrested. Both men were subsequently charged with terrorism and released (leaving us all scratching our heads in disbelief).

What’s the damage?

When government agencies get hacked, the consequences can be significant and extensive. This is because the personal information held by governments can’t be changed.

According to Guy Bunker, an information security expert, “your date of birth is not going to change, you’re not going to move house tomorrow.” A lot of the information that was taken was valid yesterday, is valid today, and will probably be valid for a large number of people in five, 10, 20 years time.”

The largest theft of personal data in the Balkans has resulted in the names, addresses, social security information, and incomes of as many as five million citizens and foreign residents being exposed.

The significance of this security incident hits home when you consider the fact that Bulgaria has a population of just seven million. Regardless, the severity of such data breaches highlights the accelerating danger and the predicament that both governments and citizens find themselves in. It’s a frightening thought when you consider the fact that this could be the new norm.

At least for the time being, governments continue to focus their attention on critical infrastructures like defense networks and energy departments. They continue to refuse to address the security of repositories that are traditionally known to store vast amounts of citizen data.

In this scenario, like many others before, it’s much easier to take inventory of the damages than assign responsibility. But we have to and need to address this problem as it’s becoming much easier to engage in these types of attacks with widely available open-source tools.

If we approach it from the perspective of identity theft, each record can be worth 10 to hundreds of dollars on the dark web. This means that each hack could be worth hundreds of millions of dollars for bad actors.

So things will only get worse unless governments and corporations demand encryption. This is because it’s the only approach to data privacy and security that can scramble sensitive information and keep it encrypted even in the event of a security incident.

To learn more about encryption and how it can help secure your digital assets, reach out to one of our in-house experts.

nach oben