The hackers, belonging to a group called "NoName057(16)," have successfully attacked several prominent Swiss websites, including those of Switzerland Tourism, the Swiss Private Bankers Association, and defense contractor Ruag. The attacks have unsettled users and highlighted the country's vulnerability in the digital space. Despite the ongoing attacks, tens of thousands of servers in Switzerland remain unprotected, posing a serious risk to data security and democracy.
Switzerland's cybersecurity weaknesses were already a concern over a year ago when high-ranking military officials, politicians, and cyber experts gathered to establish the parliamentary Cyber Group. Nicolas Mayencourt, CEO of Dreamlab Technologies, warned about the alarming number of security vulnerabilities in Swiss servers:
"The Swiss cyber landscape resembles a hole-riddled cheese, with over 116,000 security vulnerabilities discovered across the country's servers. We need to take proactive security measures both as a nation and as individual players. Let’s stop being naive".
While mandatory reporting of cyberattacks on critical infrastructure is being considered, Switzerland still lags behind in terms of cybersecurity compared to other countries. Despite plans to elevate the National Cyber Security Center into a separate federal office, the budget increase is minimal, allowing for only a small expansion. Florian Schütz, also known as Mr. Cyber, stresses the importance of efficient resource allocation rather than just increasing funds. Green Party member Gerhard Andrey stresses the need for reporting not only attacks but also vulnerabilities and security gaps, highlighting the necessity for a security culture in the digital realm, similar to the aviation industry. Nicolas Mayencourt also supports the idea of such a reporting requirement:
"This would be a big step forward for Switzerland in the direction of sensible cyber defense”.
Overall, Switzerland's cybersecurity weaknesses are evident, and urgent action is required to strengthen defenses, address vulnerabilities, and establish a robust cybersecurity culture.
Download the full article (German only).
