Cyber-attacks in Switzerland are on the rise. The latest one was to the EasyGov platform, the federal government’s online counter used to process administrative procedures quickly, easily and efficiently. as reported by the newspaper Tages-Anzeiger, criminal hackers managed to steal a list containing the names of up to 130,000 companies that applied for a Covid-19 loan via the federal platform back in August 2020.
As the operator of Easygov, the State Secretariat for Economic Affairs (Seco) took measures immediately and initiated an investigation. According to the report, hackers allegedly stole the data by means of an automated query in the public area of the portal. Further investigations will have to show whether the criminals actually violated Swiss law.
Automated queries are often made and are not illegal: "Anyone who sets up an unprotected interface must expect it to be used," said Nicolas Mayencourt, CEO of Dreamlab Technologies. "As long as no security measures are bypassed, one cannot even speak of hacking. It is the responsabiliity of the interface provider to secure and limit the number of accesses."
"Switzerland has experienced 30% more cyber attacks this year than last year. This shows that the state, but also many of its companies, are not protected enough" said Franz Grüter, National Councilor, IT entrepreneur and one of the few federal parliamentarians with in-depth knowledge on the topic.
Switzerland's National Cybersecurity Ceentre (NCSC) has emphasised that several IT facilities of the public sector have weak points. "Those involved are overworked and have little knowledge on the topic. Organisations need support from specialists - for example, working with ethical hackers and simulation exercises to test the security systems."
Download the full article (German only): here.