Government appoints inexperienced official in charge of cyber security amid growing crisis in the sector, Bulgarian coal TTPs among the top 20 SO2 polluters in the world

Top news:

Government appoints inexperienced official in charge of cyber security amid growing crisis in the sector

Mariana Nikolova

“Of course, I know about computers. At the very least every government employee is required to have minimum technical and information literacy. I myself have gone through many different trainings, I also possess an ITcard.”

This was what Mariana Nikolova, the new head of the Cyber Security Council to the prime minister, told NOVA TV about the extent of her expertise concerning her new job.

She spoke about how she views her new responsibilities as “a challenge”. She meant it as the positive cliché most use in describing excitement from a new position. But unfortunately, the reality in this case is constrained to the more concrete sense of the word. Nikolova has no experience and no competence whatsoever in the field of cyber security. Challenged is an understatement.

It could legitimately be argued that management positions are not expert positions and those who takes them do not necessarily need to possess expert knowledge in the field. And that is entirely true. However, being asked about having expertise and answering that, yes, you can open e-mails and use office applications demonstrates something else. While it might also speak volumes on how little basic knowledge you lack about the field you will head, the information could be found in Nikolova’s CV. What such an answer showed was something far more important: that she is unaware of what cyber security is at all, as a concept. To make the situation worse, the council is comprised of high-level officials – ministers and heads of security agencies – none of whom are any more knowledgeable in the field, from what they have demonstrated in the past.

Granted, the question about her expertise was worded in a broader sense (computer competence) but the context was clear: the question was asked specifically because she will work in cyber security, not because she might use a computer in her daily routine. Although it would not be a bad idea to employ those skills and google what her job is about.

There is not much here to surprise unfortunately.

The collapse of the Trade Registry earlier last year felt painfully random and left observers feeling one of the most crucial databases in the country is run by armatures as a side gig. Sadly, the National Revenue Agency, which contains the personal data of all citizens seem to be equally cared for, which ultimately led to nearly every Bulgarian adult to have their personal data leaked, after an unprecedented hack into the agency’s databases.

Another thing, which became abundantly clear with the hack was that the government had not drawn anything from the previous digital disaster. This appointment is supposed to carry the message that the government is taking measures after the cyber-attack on the NRA. But the quality of the appointment shows a different story. Just as nothing changed in the way this government cared for its digital infrastructure after the Trade Registry crisis, it does not plan to change now either. Nor did it advance its understanding that it must be properly taken care of. In a sense, the NRA’s database was just left out in the open for anyone to hack into. And why wouldn’t they?

With the appointment of Nikolova as head of the Cyber Security Council, the message is clear: no lessons have been learnt, again. And no one from this government seems to understand, truly, the gravity of the issue. Not only is there no one equip with any knowledge regarding digital infrastructures and their importance within the extended circle of the government. It seems they collectively lack even the intuition that it is a serious and important matter.

All of this, however, does not stop PM Boyko Borissov to reconfirm Bulgaria’s interest in heading the EC’s cyber-security department. And will proudly carry the badge of the department while the digital structures in the country collapse under the imminent gravity of incompetence and negligence.

The National Revenue Agency will be fined millions for massive leak of personal information

The National Revenue Agency will be fined millions for allowing the data breach, which led to the personal data of nearly every Bulgarian adult to leak. As a result from the unprecedented cyber-attack on the NRA back in July, the personal data of over 5 million Bulgarians was compromised. The prosecutor’s office is trying very hard to depict the attack as having been executed by a state-of-the-art operation. In reality, however, the hack demonstrated the devastating state of Bulgaria’s cyber security and overall digital incompetence.

This week the head of the Commission for the Protection of Personal Information, Vencislav Karadzhov explained that the NRA will be receiving the official notice for the fine next week. Then the precise amount will become known but Karadzhov said it will be “in the millions”.

The commission’s inquiry into the case took about a month. Karadzhov said that the investigation has established the exact number of natural persons whose information was compromised, how many of them are foreign citizens and how many are under the age of 18. He did not release specifics.

Vesselin Tselov, a member of the commission told the press that “The NRA has done nothing to protect the personal information of the citizens. He implied the fine will be close to the maximum according to the law, 20 million euro, which comprises 4% of its whole budget.

In other news:

Spasi Sofiya discovers Sofia Municipality massively overpaid for North Park renovations

Spasi Sofiya (Save Sofia), whose co-founder Boris Bonev is an independent running for Sofia mayor, announced they’ve uncovered gross violations in the renovation procurements for the North Park.

Spasi Sofiya took different elements of the procurement (swings, chess tables, etc.) and compared the prices to what Sofia Municipality had paid. In every instance they contacted the distributor, named in the public procurement.

They found a number of discrepancies: for example, Spasi Sofiya contacted the company Kozi Rog D, which is named as the distributor for a set of swings. Sofia Municipality paid 4158 leva for each set but the price Spasi Sofilya was asked for the same set was less than half that: 2033 leva. The check confirmed more than double prices for chess tables, equipment for dog training playgrounds, fences and more.

Mayor Yordanka Fandakova promised to follow up on the information but made sure to remind reporters that “Spasi Sofiya is in campaign mode”.

This is a consecutive discovery of its kind in Sofia. At least two such reports have emerged in this year alone for gross discrepancies between the prices of various supplies and products on the market compared to what Sofia Municipality spends for them.

Dupnica municipality has no resources to clear the illegal dumping ground under Struma highway

Struma highway remained closed until Friday after an illegal dumping ground produced a fire underneath it and damaged the pillars of the construction. Meanwhile, different institutions continue to pass blame for the existence of the dumping ground and the lack of appropriate reaction from authorities.

The deputy mayor of Dupnitsa, Krum Milev, told reporters that the municipality had informed the National Road Infrastructure Agency -- which is in charge of maintaining the premises of the highway -- about the illegal dumping ground to no avail. According to him the municipality specifically warned the agency that the dumping ground is creating a fire hazard under the highway but the agency did not react.

Ecology Minister Neno Dimov said that the dumping ground under Struma highway is not technically a dumping ground and that an assessment is pending. The important distinction is likely due to the fact that spaces under highways cannot be used as dumping grounds. The company, which stored the waste (as opposed to dumping it) under the highway received a permit to do so from the ministry. It used more space than it was allowed, but the fact remains that the ministry should not have issued the permit in the first place.

Mediapool checked under other bridges of Struma highway and found that many of them have become illegal dumping grounds.

Specialized prosecutor’s office accuses Mediapool of “vandalism”

The specialized prosecutor’s office issued an official statement to the media, in which it accuses Mediapool for “vandalism”. Citing a publication entitled “The prosecutor’s office throws people in custody for writing on death notices”. The piece reports on prosecutors’ request to hold e person three days in custody for having scribbled obscene messages on a death notice of a magistrate. The article cites similar and much more severe cases (including death threats using fake death notices), which the prosecutor’s office have entirely ignored in the past. Reporting the cases back to back points to the apparent bias of the prosecutors in handling such cases.

It is likely this piece of comparison that stirred the prosecutor’s office public relations office. The authors of the article did not give any opinion as to why the prosecutor’s office reaction differs so widely in otherwise substantially similar cases. It must have struck a nerve as the resulting press release not only gave away the name of the magistrate in question (unnamed in Mediapool’s reporting) but also accused the journalist of vandalism. Although the other character in this story – accused of the same – was held in custody for three days, Mediapool’s reporter got off with a wag of the finger.

The story is indicative of how little regard the prosecutor’s office has for the freedom of the press and especially the distance and restraint it must uphold in expressing its opinions. Which unfortunately often become actions sanctioned by the office of the prosecution.

Bulgarian coal TTPs among the top 20 SO2 polluters in the world

Bulgaria made It in the top 20 SO2 polluters in the world in the latest ranking by Greenpeace.

“In Europe – the report says -- three countries stand out for their SO2 emissions - Ukraine, Serbia and Bulgaria. All three are in the list of largest 20 SO2 emitters in the world. Without exception coal-based power plants are the main source of high SO2 emissions in all three countries. Bulgaria is the only EU country on the list.”

Maritsa-Iztok is the largest coal TPP complex in the country, and it is cited in the report as the largest emitter of SO2. Four TPPs are part of the complex: the so-called American plants, AES Galabovo and ContourGlobal East Maritsa 3. Those plants, however, are equipped with the most modern SO2 filtering systems. The other two, the state-owned Maritsa Iztok 2 and Brikel, owned by energy mogul Hristo Kovachki regularly top pollution rankings. Brikel alone has emitted 250 kilotons of SO2 in 2018, while the total emissions from Bulgaria for the period are 350 kilotons. The TPP Bobov dol is second, followed by the TPPs in the Varna region. The report notes that those are relatively low.

The report points out that even though the EU introduced new lower limits for SO2 emissions from coal plants, “Bulgaria is opposing the new rules and continues to permit operational power 8 plants to emit more than the law allows and is also seeking exemptions from the rules, instead of taking steps to phase out coal.”

Commission for the Protection of Competition refuses to open inquiry into Hristo Kovachki

Employers’ organizations requested the Commission for the Protection of Competition to open an investigation into a number of electric producers and operators, which are known to be connected to Hristo Kovachki but the commission refused. According to the employers’ organizations Kovachki is manipulating the market and benefiting through these companies. The energy companies in question include over ten entities, most of which heating plants all over Bulgaria. Nearly all of them are owned by offshore companies. The commission stated that it cannot open an inquiry as the companies in question are not Kovachki’s but are owned by different persons, through offshore companies.

The Association of Bulgarian Employers’ Organizations issued a statement saying the commission’s response is bureaucratic and demonstrated bias. In addition, the response “ignores the problems in the energy sector” and “demands we submit information, which the commission should itself acquire through the proper channels” as part of such an investigation.

The employers deem it “absurd that everybody in Bulgaria are perfectly capable of recognizing the elementary scheme of front men, behind which, according to a number of media publications, is mostly Hristo Kovachki, but the commission is not.”.

The largest parliamentary opposition the Bulgarian Socialist Party also announced it will be submitting a formal communication to the prosecutor’s office about Hristo Kovachki operating a monopoly in the energy marked. BSP deputy leader, Kiril Dobrev announced the news at a special press brief, Energy Minister Temenuzhka Petkova later dismissed it as being “pre-election” motivated.

BSP’s Krum Zarkov accused the Commission for the Protection of Competition of not doing their job with the employers’ request but expressed hope that in taking the case to the prosecutor’s office BSP will be able to prove that the offshore companies in question are connected to Kovachki.

Citizens of towns near Rousse complain of harsh smells from the buried culled pigs

Citizens of five small towns near Rousse, where the corpses of tons of culled pigs were recently buried, complain about harsh smells coming from the burial sites.

Just in the region 40’000 pig corpses have been buried after an African Swine Fever outbreak. Investigative reporting revealed a corruption scheme, which ultimately has stripped the country of its capacity to dispose safely of animal corpses. The news of the overpowering smell around the burial grounds comes amid growing concern that proper measures to ensure safety and mitigate the risk of water, soil and air contamination have not been taken.

The Food Safety Agency office in Rouse ensured that the sites where the pigs were buried are under constant supervision and the agency is taking all necessary measures to safeguard the sites and prevent contamination.