Foreign ministry computer network hacked
The computer network of the Swiss foreign ministry has been the target of a "very professional" attack, officials said on Monday evening.
The foreign ministry characterised the incident as a “virus attack” but said computer systems were targeted with the intent of gathering specific information.
The extent of the breach is unknown and officials did not say what information was targeted. They are still trying to track down the source of the attack.
The hack was apparently designed not to be noticed. It was discovered on Thursday by specialists at the foreign ministry and at software giant Microsoft.
The foreign ministry has cut the network’s connection to the internet.
“Within the federal administration we have access and could always send and receive emails. But we still don’t have access to the internet,” spokesman Georg Farago told swissinfo.ch.
Employees are also unable to access the ministry’s intranet from outside their offices.
The restrictions should begin to be lifted over the next several days, Farago said.
The Federal Communications Office and the Reporting and Analysis Centre for Information Assurance (MELANI) assisted the foreign ministry in dealing with the breach.
Previous hacks
In 2007, hackers successfully lured employees at the foreign ministry and at the State Secretariat for Economic Affairs (Seco) as part of a phishing scheme.
Around 500 workers received emails containing a link what they believed was a photo contest.
Those who clicked links to vote instead downloaded a Trojan virus, which at the time was not recognised by the government’s security software.
The government traced those attacks to Africa.
In mid-2008, federal prosecutors initiated an investigation against unknown persons suspected of unauthorised entry into government computer systems.
A spokeswoman for the prosecutor’s office on Monday told the Associated Press that there had been no conclusive findings and that the investigation had been dropped.
Separate problems with networks at the interior ministry and finance ministry were resolved last Friday, officials said.
Those troubles were probably connected to a hardware problem.
Global problem
The Swiss are not alone. In June 2008, China denied allegations by the United States that its operatives used secretly-copied data to try to hack into Commerce Department computers.
The Chinese have also been accused of hacking into computers belonging to the offices of the Dalai Lama.
In March, Canadian investigators uncovered a far-reaching global internet espionage network that infiltrated computers and documents from government and private offices around the world, including those belonging to the Dalai Lama.
China is accused of operating what experts dubbed “GhostNet”. It denies those claims as well.
In 2007, a teenager in New Zealand was arrested on suspicion of heading a global hacking network that stole millions from bank accounts around the world.
He was later discharged without a conviction and paid a financial penalty. Police said his software was the “most advanced” they had ever seen and the judge said the 18-year-old had a potentially bright career ahead of him.
Some of the world’s most infamous hackers, including Americans Kevin Mitnick, Adrian Lamo and Kevin Poulsen, have gone on to become respected journalists and computer security experts.
swissinfo.ch and agencies
Most personal computers are infected through either malware or phishing:
Malware: Comes from the words “malicious” and “software”. This is a generic term for software that carries out harmful functions on a computer, such as viruses, worms or Trojan horses.
Phishing: Fraudsters phish in order to gain confidential data from unsuspecting internet users. An example is account information from online auctioneers or access data for internet banking.
Hackers targeting the IT infrastructure of institutions usually do so for one of two reasons: to steal information or to disrupt service.
The latter is usually done through a distributed denial-of-service attack (DDoS).
A DDoS is an attempt to make a computer network unavailable. This is usually done by overloading a website or service with requests.
The result is that the website either shuts down or operates prohibitively slowly.
Banks and e-commerce websites are most often targeted.
In compliance with the JTI standards
More: SWI swissinfo.ch certified by the Journalism Trust Initiative
You can find an overview of ongoing debates with our journalists here. Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.