Computer security under increased threat
The government's cyber crime unit says the increasing sophistication of malicious software poses a serious threat to computer users and databases.
The Reporting and Analysis Centre for Information Assurance said on Friday that firewalls and anti-virus software alone are not sufficient to protect computers from attacks or sensitive company documents from theft.
Internet criminals no longer try to penetrate firewalls but are increasingly “picking the soft spot inside and that’s the user,” Marc Henauer, head of the cyber crime unit within the Swiss justice and police department told swissinfo.
Henauer said that the sophistication of the malware – for example the ability of some viruses to change their signature every few hours – meant the attackers were often one step ahead of protection software.
They are potentially interested in any computer in order to steal data or information that can be converted into money, or to integrate the computer into a botnet.
Botnets are considered the greatest threat to the internet, since these remotely-controlled computers are used to distribute spam, host illegal content, obtain information, install advertising programmes or spread denial of service (DDoS) attacks.
The cyber crime unit has observed DDoS attacks in Switzerland and expects them to become more frequent.
Disastrous management
Henauer said companies must change their approach to data security, in the knowledge that technology such as firewalls only offer limited protection.
“When you look behind the security wall of some companies, the whole information and data management is disastrous,” he commented, saying not enough care was taken to protect access to sensitive documents.
“If the computer of the director’s assistant, who has access to all of the network shares, is infected, then all of this data is gone because there is no classification or user right policy.”
While victims are typically lured by deceptive emails or fake websites called phishing, the increasing interactivity of the internet provides cyber criminals with new opportunities.
A new entry made in a blog which is hosted by an infected computer could be hijacked by a worm, Henauer explained. “This worm adds a link to a website by insinuating that it was put there by the author.
Since computers come under attack from an ever-changing array of viruses, worms and Trojan horses and users are faced with countless phishing tricks and hoaxes, the agency is recommending greater vigilance.
Henauer says users often have an ambivalent attitude toward their computers, choosing to ignore the warning signs including slower performance and therefore fail to take the appropriate measures such as running scans.
“It’s not only classic warnings such as ‘don’t click on an attachment or a link,” he said. “You may have done everything correctly, and so you have to find out what is wrong.
“You are not doing yourself a favour by forgetting about the risk.”
swissinfo, Dale Bechtel
Always keep anti-virus software updated.
Keep your operating system on the latest level of patching.
Use firewalls. Back up your data.
Keep a close eye on emails. If you don’t know where one has come from and it has an attachment which you are not sure about, delete it.
Caution on using links in emails. They may lead to websites that have been set up to cause you damage.
In compliance with the JTI standards
More: SWI swissinfo.ch certified by the Journalism Trust Initiative
You can find an overview of ongoing debates with our journalists here. Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.