Bulgaria Under Scrutiny as Russian Spy Networks Expose Security Vulnerabilities

Bulgaria has increasingly been described as a vulnerable point within Nato due to the presence of covert intelligence networks (скрити разузнавателни мрежи) [skriti razuznavatelni mrezhi] linked to Russia operating both domestically and internationally. A series of arrests across Europe following the invasion of Ukraine highlighted broader espionage concerns, but developments inside Bulgaria revealed a particularly deep-rooted espionage infrastructure (шпионска инфраструктура) [shpionska infrastruktura] embedded within state institutions.

In 2021, prosecutors in Sofia disclosed that six individuals, including five officials from the defence ministry and armed forces, had been detained for allegedly cooperating with Russian intelligence. The case exposed a classified information leak (изтичане на класифицирана информация) [iztichane na klasifitsirana informatsiya] involving sensitive military data. This followed earlier accusations against political figures, demonstrating how institutional penetration (проникване в институциите) [pronikvane v institutsiite] had extended beyond isolated incidents.

A prior investigation in 2019 targeted a former Bulgarian lawmaker connected to the Russophiles National Movement, who faced charges of espionage and financial misconduct tied to Russian entities. Authorities linked the case to foreign influence operations (операции за чуждо влияние) [operatsii za chuzhdo vliyanie] and suspected financial laundering channels (канали за пране на пари) [kanali za prane na pari], underscoring how political and economic tools were used simultaneously to project influence.

Further tensions escalated in 2022 when two Russian diplomats and a retired Bulgarian general were accused of long-term spying activities dating back to 2016. In response, Sofia expelled 70 Russian diplomatic staff, marking one of the largest such actions in Europe. The move aimed to dismantle diplomatic cover operations (операции под дипломатическо прикритие) [operatsii pod diplomatichesko prikritie] and reduce the scale of intelligence gathering activities (разузнавателни дейности) [razuznavatelni deynosti] conducted through official channels.

Political leadership in Bulgaria has acknowledged the challenge of removing entrenched networks. Kiril Petkov, former prime minister and leader of a reform-oriented party, emphasised the overlap between corruption and foreign interference. “When we got in the fight of corruption we never knew that we’re going to directly fight Moscow, but it turns out it’s one and the same fight,” he stated. His remarks pointed to systemic issues such as state capture mechanisms (механизми за овладяване на държавата) [mehanizmi za ovladyavane na darzhavata] and corruption-linked influence (влияние чрез корупция) [vliyanie chrez koruptsiya].

The war in Ukraine created significant policy dilemmas for Bulgaria due to its longstanding historical and cultural links with Russia. Decision-makers faced pressure over sanctions and military assistance, reflecting tensions between alliances and domestic sentiment. Public attitudes shaped by historical affinity (историческа близост) [istoricheska blizost] and energy dependency structures (енергийна зависимост) [energiyna zavisimost] have influenced political hesitation, particularly given Bulgaria’s reliance on Russian oil, gas and nuclear technology.

Analysts from international policy institutions have noted that Moscow’s influence in Sofia has historically been sustained through both public opinion and economic leverage. However, recent developments suggest a gradual decline. Bulgaria’s pro-European government, installed in June, authorised its first delivery of heavy military equipment to Ukraine, signalling a shift in strategic alignment (стратегическо ориентиране) [strategichesko orientirane] and defence cooperation policy (политика за отбранително сътрудничество) [politika za otbranitelno satrudnichestvo].

This decision contrasted with earlier refusals by interim administrations aligned with President Rumen Radev, who had opposed arms transfers and publicly attributed responsibility for the conflict to Ukraine. Reports later indicated that Bulgaria had nonetheless supported Kyiv indirectly through third-party supply routes (доставки чрез трети страни) [dostavki chrez treti strani] and logistical assistance channels (логистични канали) [logistichni kanali], particularly in fuel and ammunition provision.

Despite these shifts, Bulgaria has faced criticism for failing to fully enforce European Union sanctions against Russian individuals and companies. Investigations revealed gaps in implementation, raising concerns about sanctions enforcement capacity (капацитет за прилагане на санкции) [kapatsitet za prilagane na sanktsii] and regulatory compliance weaknesses (слабости в регулаторното спазване) [slabosti v regulatornoto spazvane]. The national prosecutor’s office has since initiated a review into how sanctions policies have been applied.

Experts within Bulgaria have openly questioned the government’s willingness and ability to act decisively. “It is not surprising that Bulgaria does not seem to apply EU sanctions against individuals and companies from the Russian Federation,” said Ruslan Stefanov of the Centre for the Study of Democracy. He added, “It is obvious that the Bulgarian authorities do not dare, do not want, and do not have the procedures and capacity to apply the sanctions.” These statements highlight persistent institutional limitations, including administrative inefficiency (административна неефективност) [administrativna neefektivnost] and policy implementation gaps (пропуски в прилагането на политики) [propuski v prilaganeto na politiki].

Bulgaria’s position within Nato continues to be shaped by the intersection of espionage exposure, political divisions and economic dependencies. While recent actions indicate a shift toward closer alignment with Western policies, the persistence of internal vulnerabilities demonstrates the complexity of addressing hybrid influence tactics (хибридни тактики за влияние) [hibridni taktiki za vliyanie] and strengthening national security resilience (устойчивост на националната сигурност) [ustoychivost na natsionalnata sigurnost].