October 21, 2021
16:06
–
Disclosure of epidemic measures related to access to public places through a European green certificate was accompanied by malicious actions such as denial of service (DDoS) against the infrastructure serving the National Health Information System (NHIS). Within 24 hours, a huge amount of traffic was directed to the portal, and at peak times the malicious traffic exceeded 400 Gbps. This necessitated the implementation of more aggressive measures to limit malicious traffic and the use of specialized infrastructure for analysis and counteraction, through which the recovery of the provided services began. Attempts to break in and interfere with the system and leak user data were not reported.
Everything on the topic:
Coronavirus epidemic (COVID-19) 27422
–Information Services AD has specialized and effective means to counteract such malicious actions, which allowed the issuance of green certificates to continue, despite some known delays.
In the first hours after the announcement of the measures on October 20, 2021, a record number of green certificates were issued and removed from the system – over 106,000. By 3:00 pm today, over 64,000 certificates have been withdrawn. The system currently issues over 15,000 documents per hour.
The sources of malicious traffic that tries to disrupt the normal functioning of the system are infected computers and Internet-connected devices around the world:
The level of information security in Bulgaria is not at the required level, due to which malicious traffic is observed from the addresses of many legitimate users – hospitals, vaccination points, GPs and individual users at the NHIF. This requires their temporary restriction and gradual inclusion in the system.
The teams of Information Services AD continue to work actively to ensure the operability of the NHIS and all services supported by the company, as well as to identify and neutralize the sources of threats.
Information Services AD apologizes to all medical persons and citizens who had difficulties with the use of the National Health Information System and thanks our technological partners for their assistance in neutralizing malicious actions.
