Bulgarian Government

The Bulgarian Government, headquartered in Sofia, serves as the central administrative authority for the nation of Bulgaria, overseeing a wide array of state functions and public services. Its operational scope encompasses critical national infrastructure, including multiple government ministries, the Presidency, revenue agencies, and sectors such as telecommunications, aviation, banking, and media, as evidenced by the comprehensive targeting of these entities in a major cyber incident. This incident underscores the government's responsibility for the security and continuity of these foundational systems, which are integral to national governance, economic stability, and public communication. The attack's focus on such a diverse set of institutions highlights the government's role as a unifying administrator across disparate but vital sectors of Bulgarian society and economy.

On 15 October 2022, this extensive administrative framework was subjected to a large-scale Distributed Denial of Service (DDoS) cyber attack. Bulgarian officials publicly attributed the offensive to an individual located in Magnitogorsk, Russia, and confirmed that while the attack disrupted online services, it resulted in no compromise of sensitive data. The national response, led by authorities including the Defense Minister, involved immediate mitigation efforts and the initiation of criminal investigations, with prosecutors indicating a willingness to pursue charges in absentia should extradition from Russia prove impossible. The Defense Minister explicitly linked the attack to unsubstantiated Russian allegations concerning Bulgaria's alleged involvement in the 2022 Crimea bridge explosion, reiterating the government's denial of any participation and contextualizing the cyber event within broader geopolitical tensions. This stance was coupled with a reference to existing parliamentary restrictions on the supply of weaponry to Ukraine, despite prior military-technical cooperation agreements, illustrating how cybersecurity incidents are framed within the government's overall foreign policy and national security posture. The successful repelling of the attack without data loss was presented as a demonstration of the government's defensive capabilities and resilience against state-affiliated threats targeting its digital estate.