An Overview of the National Digital Public Attack Surface
This country study of the Swiss Cyberspace is part of Dreamlab Technologies’ initiative to provide an insight into the entire potential attack surface of a nation by using CyObs – a high-precision cyber radar system. It provides a complete view of the actual status of Switzerland’s cyberspace, supplying the essential data and critical insights to proactively reduce the attack surface, as well as to address vulnerabilities and risks. By combining threat detection, risk management and comprehensive insights, this report could assist the Swiss government, critical infrastructure providers and private organisations achieve their cybersecurity objectives.
Key insights from this year’s report include:
-
2.5 million potential vulnerabilities (based on metadata or the version number of the software), wherefrom 373,686 are classified as critical and 764,190 are classified as high..
-
Almost 45% of detected potential vulnerabilities have critical to high severity scores. Top 20 vulnerabilities affected outdated software versions of OpenSSH, Apache, Microsoft and others.
-
34% of active domains are within the Swiss IP space; 66% of domains are hosted outside of the Swiss cyberspace.
-
Only 12% of servers for active domains are within the Swiss IP space; 88% of servers reside outside of the Swiss cyberspace.
-
1.4 million open ports detected, 0.3 million IPs use plaintext protocols.
-
Around 33% of the databases are potentially vulnerable hosts with a database; around 118,199 exposed Remote Administration Interfaces (RAIs) were detected.
-
Around 46,000 self-signed and around 17,000 expired SSL/TLS certificates were detected; 33 and 11 with ‘admin.ch’ domains respectively.
Switzerland’s 2025 CyObs Country Report includes:
Executive Summary: Overview of the challenges and key findings within Switzerland’s cyberspace.
Preface: A preface from Dr. h.c. Nik Gugger, President of the Swiss Cyber Security Days and National Councillor, highlighting challenges and opportunity of Switzerland.
Analysis of Switzerland’s Cyberspace: In-depth analysis of the country’s cybersecurity risks, emphasising the composition of the cyberspace and spotlighting high-priority vulnerabilities and weaknesses affecting the national, critical infrastructure and organisations. And additional insights on Switzerland’s new cyber territory: ‘quantum readiness’.
Recommendations and Conclusion: Summary on the current general state, observations, identified risks, and recommendations.
