Explainer: How Vulnerable is Switzerland to Cyber-Attacks?

8

Cyber-attacks are a growing headache for governments and companies around the world. Switzerland is no exception.

The sophistication and number of attacks against the Alpine nation has risen dramatically in recent years, claiming victims in a broad range of sectors. Some attacks make headlines. Others fly below the radar.

The highest profile wave of attacks to hit Switzerland this year came in June. A coordinated attack took down sites of the military and federal administration, parliament, as well as Geneva’s airport.

“We have seen numerous attacks against Swiss companies and government institutions in 2023, which is very significant from a national point of view,” Klaus Julisch, lead partner for the cyber ​​practice of Deloitte Switzerland, told SWI swissinfo.ch by e-mail.

Deloitte surveyExternal link this week found that almost half (45%) of large Swiss companies have been the victim of a cyber-attack. That finding is based on input from 400 board members across diverse industries. In all, 42% of cyber victims experienced disruptions to their operations.

This year’s cyber security breaches have led to series of sensitive data leaks on the darknet this year. Hackers have published data from the Federal Office of Police (Fedpol) and the Federal Office for Customs and Border Security (FOCBS) on the darknet; full names and phone numbers of all 2,800 employees of the Bernese cantonal police; and a vast data set on the Swiss Abroad. A security vulnerability in the file transfer software called MOVEit has also been causing headaches for companies in Switzerland.

Why is Switzerland an attractive target for cyber-attacks?

Switzerland is a target-rich environment for cyber criminals. The country is a global banking and commodity trading hub, boasts powerful pharmaceutical and electronic industries, and plays host to a broad array of international organisations ranging from the International Committee of the Red Cross to the World Trade Organization.

The Swiss Financial Market Supervisory Authority (FINMA) reports that out of the 63 attack reports it received in 2022, 48 concerned banks. “Increasing professionalisation of criminals and ever shorter times between the announcement and exploitation of critical security vulnerabilities are keeping the financial industry on its toes,” said the institution in its annual risk analysis.

While not one of the highest risk countries for cyber-attacks, Switzerland’s defenses are not that strong relative to its peers in Europe. In 2022 alone, the National Cyber Security Center documented more than 34,000 attacks. The numbers have tripled since 2020.

Where are these attacks coming from?

The rise in attacks have been driven by the pandemic and exacerbated by the conflict in Ukraine, according to the Swiss government. Phishing attacks, for example, prey on employees working remotely and exploit vulnerabilities of existing IT systems.

Hacking groups with links to China, Iran and Russia are an ongoing security concern for Switzerland. The pro-Russian hacker group NoName claimed responsible for the targeted distributed-denial-of-service (DDoS) attacks that knocked several Swiss government offline in June. The attack was made ahead of a video address by Ukrainian President Volodymr Zelensky. Pro-Ukrainain hackers have claimed attacks on companies that maintain business in Russia.

Swiss authorities are currently investigating a cyber-attack on the IT company Xplain, whose clients include many federal and cantonal governments.

“Many of the attacks in the news originate from nation states, organized crime, and so-called hacktivists,” notes Julisch. “It is also interesting that many attacks are automated and look for vulnerable victims rather than targeting specific companies.”

Which sectors are affected?

Victims vary in size and cut across sectors. Attacks targeting federal and cantonal authorities, the Federal Railways, or newspapers like the NZZ, strike a chord with the Swiss public and grab headlines. Multinationals tend to keep their attacks under wraps. ABB, for example, acknowledged an IT security incident in May.

Less publicised victims of cyber-attacks this year came from an array of sectors. Targets include a telemedicine provider in Basel, several educational institutions including a university in Lausanne, an architecture firm that has planned embassy buildings in Bern, a tourism operator in Zurich, an aircraft operator in Geneva, a museum in Winterthur, and multiple hospitals.

How much do these attacks costs?

The global average cost of a data breach in 2023 was $4.45 million (CHF3.9 million), a 15% increase over 3 years, according to IBM.  Medium-sized Swiss companies suffer average damage of about CHF6 million per cyber-attack, according to PwC.

What are governments and companies doing protect themselves?

Switzerland’s National Cyber Security Centre (NCSC) will become a new federal office in 2024, reporting to the defence minister. That means the creation of four extra full-time posts and an annual budget increase from CHF13.7 million to CHF14.5 million ($16.2 million).

Companies are beefing up IT security and arming themselves with insurance against cybercrimes. Companies from the financial services, manufacturing/chemicals and construction sectors are the most likely to insured, according to the Deloitte survey. It also found that board members from larger companies are more likely to focus on cyber risks than counterparts at smaller or medium-seized one.

Julisch notes that there is a comprehensive set of defensive technologies, management processes and governance structures that organisations should invest in to protect their digital presence. It is key companies get a grip on their specific vulnerabilities and take action. 

“The technical aspects of cybersecurity can be very complex, but they are never the real obstacle,” he says. “Rather, organisations get on the wrong path when they underestimate cyber risks and use “hope” as their cyber strategy.”  

Source : SWI