Navigation

Skiplink Navigation

Main Features

cyber-extorsion Hackers gain access to thousands of Swiss email accounts

dark keyboard

Cases of cybercrime, not always reported, have been on the rise in Switzerland.

(Keystone)

An investigation by the SonntagsZeitung newspaper has found that the email addresses and passwords of some 15,000 employees of federal or state-related bodies have been hacked and traded on the darknet.

The newspaper worked with Zurich-based company Lucy Security to find that the accounts concerned belonged to employees of various state administration bodies, companies close to the state, universities, and other official organizations.

Accounts hacked included those of federal court employees, the newspaper said, and even high-ranking investigators at the Federal Office for Police (FEDPOL).

That hackers have access to such email accounts could allow them to infiltrate further into sensitive areas of the administration, especially if the accounts in question use the same password for several different sites or purposes.

The paper speculates that this may have been the case for RUAG, the state-affiliated defense contractor that was the target of a massive cyber-attack in 2016. A report into the attack by MELANI, the Swiss Reporting and Analysis Centre for Information Assurance, found that the assailants chose specific employees as conduits to access the wider IT systems.

Some 324 of the 15,000 accounts found by Lucy Security belonged to Ruag employees.

The main problem, according to the newspaper’s investigation, is the persistence of employees using professional email accounts to conduct private business, despite efforts by companies and state bodies to discourage this.

The paper also links the story to the current practice of using hacked account details to blackmail users through emails that threaten to make public images of them watching porn, for example, unless a certain amount of money is paid.

However, despite MELANI also confirming the existence of such cases of ‘sextorsion’, it remains unclear how widespread it is. Best practice remains to ignore or report such emails, the centre says.

agencies/dos

Neuer Inhalt

Horizontal Line


swissinfo EN

Teaser Join us on Facebook!

Join us on Facebook!

subscription form

Form for signing up for free newsletter.

Sign up for our free newsletters and get the top stories delivered to your inbox.







Click here to see more newsletters