Switzerland needs a national strategy and crisis management team to better defend itself against the dramatic rise in cyber crime, say federal experts.
swissinfo.ch talked to Kurt Nydegger and Gérald Vernez from the defence ministry, who have been asked to present a strategy paper by the end of 2011 on possible technical and legal measures to avert attacks.
Switzerland is particularly vulnerable to cyber attacks because of its high-tech infrastructure, while the danger is real but hard to foresee, according to the defence ministry.
The most publicised recent incident took place in October 2009 when hackers used malware to target the foreign ministry, entering its computer network and accessing various sensitive documents. The Federal Prosecutor’s Office is still investigating those responsible.
swissinfo.ch: To what extent is Switzerland exposed to cyber attacks?
Kurt Nydegger and Gérald Vernez: Attacks especially concern the theft of information, and the taking control or destruction of computer systems. The latter is still rare, however.
But we have to be careful as the number of cyber attacks is rising dramatically and having an impact on security policy. This started in the 1990s and is growing massively; this is why we were mandated. Firms and government offices have already been attacked and when you surf on the internet every day you are open to attacks.
There are threats against banks, large firms, local authorities, energy structures, land and air transport and water infrastructure. The threats are everywhere.
swissinfo.ch: What are the dangers of such attacks?
K.N. & G.V.: Whether it’s the lift in your apartment or your car, many processes in our daily lives depend on computer technology. When someone is able to upset these processes, our lives are affected.
When they are small disturbances, like a lift not working, that’s alright. But when it’s a power plant, a train or an aeroplane that are hit, that becomes critical. Some hackers have already managed to cut the power to an entire city, blown up a generator, sabotaged weapons, stolen information and money and wrecked people’s professional careers.
It’s no longer about small-time frustrated criminals just wanting to play with the system. We are in a phase in which large organisations or states understand the benefits of using cyberspace as a weapon.
Much is possible with even minimum investment. And we should not forget that this cyber war can have fatal consequences; it’s a way of conducting future warfare that is becoming more accepted, accessible and politically correct.
swissinfo.ch: In 2009 the Swiss foreign ministry was the target of a cyber attack. Is it now better prepared for countering such attacks?
K.N. & G.V.: Switzerland currently only has a small group of people to detect cyber threats and develop strategies to react. This is something where one-off actions here and there are no longer adequate.
But it’s also a political question. Our scope is limited by a strict legal framework.
The army is free to build a “lab” to work on how to defend against cyber attacks, if necessary. But it is not allowed in times of peace to enter third party networks and to break them up. It can only use this means during wartime and while respecting international laws of armed conflict.
swissinfo.ch: How should we beef up our protection of cyberspace?
K.N. & G.V.: One of our weaknesses is a lack of coordination between the different people involved. This is why we need a national strategy. Until now Switzerland has managed to muddle through. But this kind of solution is just not viable in the long term.
We have no crisis management structure or team to deal with this threat or any instrument allowing the Swiss authorities to undertake coordinated and effective measures.
Much work also needs to be carried out among users who have access to sensitive data. They have to be encouraged to lock documents and important emails with passwords, to carry out a virus check if someone hands over a USB stick, to not let anyone instal a programme on their computer and to not surf the internet carelessly.
The example of the computer worm Conflicker at the end of 2008 showed that flawed human behaviour can have damaging consequences. In France this worm grounded naval planes. Several weeks later half of all British naval aircraft were infected by the same virus.
Cybercrime in Switzerland
The government has a special unit within the Federal Police Office to coordinate the fight against cyber crime.
In response to a government decision in 2003, the finance ministry, alongside the Federal Police Office and the Swiss Education & Research Network, launched a reporting and analysis centre for information security.
A new law came into force in April banning spam.
Most personal computers are infected through either malware or phishing:
Malware: Comes from the words "malicious" and "software". This is a generic term for software that carries out harmful functions on a computer, such as viruses, worms or Trojan horses.
Phishing: Fraudsters phish in order to gain confidential data from unsuspecting internet users. An example is account information from online auctioneers or access data for internet banking.
Hackers targeting the IT infrastructure of institutions usually do so for one of two reasons: to steal information or to disrupt service.
The latter is usually done through a distributed denial-of-service attack (DDoS).
A DDoS is an attempt to make a computer network unavailable. This is usually done by overloading a website or service with requests.
The result is that the website either shuts down or operates prohibitively slowly.
Banks and e-commerce websites are most often targeted.
(Translated from French by Simon Bradley), swissinfo.ch