ENISA is the European Network Information Security Agency.
They publish a quarterly review – a 24-page document.
In its last edition (2.3 Mb pdf), there’s an article by me about the cybercrime fight in Bulgaria. You may wish to check it out.
And for those, who don’t want to download huge document, here is the text version:
Bulgaria fights cyber crime – some practical aspects
by Veni Markovski
Institutional development in Bulgaria
With the formation of the current Bulgarian government in August 2005, for the first time development of the information society became a top priority for the Bulgarian cabinet. This has happened largely as a result of Prime Minister Mr. Stanishev’s personal agenda.
The Bulgarian government has created a special body, the State Agency for Information Technologies and Communications (SAITC) to the Council of Ministers. Previously, these issues were handled by the Ministry of Transport and Communications. Plamen Vatchkov has been appointed as head of the Agency. Both he and Prime Minister Stanishev, together with President Parvanov, former President Stoyanov, former Prime Minister Kostov and other prominent figures, are members of the Internet Society of Bulgaria.
SAITC is authorised to work in co-operation with the Secretariat of the National Security Council (NSC) in the field of co-ordination of cybersecurity activities, based on a resolution from the NSC to the Council of Ministers. The Agency was also given the task of ensuring the security of the governmental information network. Contacts have been made with similar agencies in the USA.
As one of the new countries that joined the European Union (EU) in the last round of accessions in January 2007, Bulgaria is making a concerted effort to combat cybercrime because both Bulgaria and the other new country, Romania, are widely regarded as frequently the origin of cybercrime. The combating of cybercriminals is the responsibility of the Interior Ministry’s Department for Combating Organised Crime (GDBOP).
During 2006 considerable effort was also spent in Bulgaria on combating the usage of so called pirated software. Representatives
from major software companies, mainly members of the Business Software Alliance (BSA) through their Bulgarian representatives, initiated a campaign to push for protection of their rights. The work of the GDBOP was criticised in the media, however, because it was aimed at endusers, while distributors of illegal CDs were left to be investigated by the Sofia City Police (SCP), which is a more general unit. Throughout the year, the SCP confiscated more than 160,000 CDs of software, films and music. At the same time the GDBOP managed to discover only 2,000 illegal CDs. Newly appointed Chief Prosecutor Boris Velchev also expressed his surprise that police action is aimed at end-users, while it is the organised distributors who should be pursued.
SAITC has also collaborated with the Bulgarian Police in shutting down spoof websites of foreign banks. US banks, which had requested the co-operation of SAITC, were impressed by the speed at which spoof websites were taken off the Internet. On average, this was achieved in less than two hours, thanks to the excellent cooperation between SAITC and the GDBOP.
The Bulgarian non-governmental and private sectors have also been supporting the fight against cybercriminals. Many organisations participated in the Safer Internet Day in 2006, and even more have signed up to participate in 2007. The Bulgarian Internet Service Providers have been co-operating with the Police in combating illegal activities on the Internet. With the co-operation of SAITC and the private sector, VeriSign, the registry for .com and .net top level domains, installed a Regional Resolution Server in Bulgaria, making it the first East European country to host such a server.
Further information can be found on the website of the South Eastern Europe Conference on Cyber Security Co-operation:
Some important cybercrime cases in 2006
In 2006 the GDBOP recorded a number of successes against cybercriminals, including the following:
Eight people were arrested in three Bulgarian cities. They had developed spoof bank websites, in order to perform phishing to try to collect personal data and credit card information from people all over the world. More than 90% of the credit card details that were stolen were from the US. The criminals, mainly teenagers, were using the stolen information to buy equipment, but they had also managed to obtain cash through a company dealing with express money transfers.
A 32-year old investigator from the second police district of Sofia, the Bulgarian capital, copied information from his office computer to his personal computer. He also installed a file-sharing programme, which gave access to his police documents. As a result, a Bulgarian journalist managed to download 260 files of important police documents.
A 38-year old man from Sofia has been charged with sending e-mail threats to two Bulgarian journalists. The man threatened that they would be killed if they did not leave the country. The emails were signed as if sent by the leader of a right-wing nationalist party in Bulgaria.
A 22-year old paedophile has been charged with distributing pictures with violence involving young children. In the last year he had also circulated pornographic pictures of young girls. At the beginning of May, the man published an announcement on one of Bulgaria’s dating sites that he was looking for little children, for ???discreet sex’, mentioning that he preferred children from the Plovdiv region. The man was caught while he was on-line using a computer at an Internet cafe to send illegal pictures to other users.
An organised gang offering sex with children was shut down. A Bulgarian newspaper published an article about a website which offered young boys for sex, after which the GDBOP managed to locate and charge three men in Sofia, who had built up an organisation to lure teenagers and underage boys into homosexual activities, meeting them first on the Internet.