Navigation

Skiplink Navigation

Main Features

Cyberattack and data protection Cabinet seeks more data safety as hackers strike

Justice Minister Sommaruga says Swiss data protection laws need to be up to date in the internet age 

(Keystone)

The Swiss defence ministry foiled a cyberattack by malware similar to that used in other global hacking campaigns, the government revealed on Friday, the same day the justice ministry presented plans for improved data protection.

Experts discovered the attacks – which were carried out with the Turla malware, a sophisticated virus used for cyber-espionage – on several servers of the defence ministry and a contractor of the foreign ministry in July, according to the cabinet spokesman.

The government declined to give information about the origin of the attack or say whether any damage including data theft had occurred. It cited security considerations.

Both ministries have filed criminal complaints and an investigation is underway, according to officials.

In December 2015, the state-owned armament and technology group Ruag fell victim to an attack with the Turla virus, leading to the loss of 20 gigabytes of data. Several IT systems of the federal administration have also been targeted by computer hackers over the past three years.

The Turla spyware was detected in 2014 and is suspected of infecting hundreds of government computers and military targets across Europe and the Middle East. 

Internet age

The announcement came as Justice Minister Simonetta Sommaruga presented government plans to boost data protection for individual citizens while safeguarding the data transfer between Swiss companies and firms in the European Union.

“The legal reform seeks to amend Swiss legislation to bring it up to date in the internet age. It is aimed at ensuring that the EU continues to recognise data protection standards in Switzerland,” Sommaruga told a news conference on Friday.

The proposals include increasing transparency on data processing, introducing fines of up to CHF250,000 ($259,000) for violations of the rules as well as increased powers for the government’s data protection and information commissioner.

Companies collecting data have a legal obligation to inform consumers about the use of the information, notably in the general terms and conditions or on their websites.

The proposals are expected to meet resistance in parliament, which is due to discuss the amendments at a later stage.

Sommaruga said she did not expect everybody to agree with bill, but she stressed the cabinet had amended its proposals following criticism from the business community. Small and medium-sized enterprises complained that the initial government plans would lead to a “bureaucratic monster”.

“We adapted the bill, taking into account the considerations of the business sector,” she said.

swissinfo.ch/urs


Links

subscription form

Form for signing up for free newsletter.

Sign up for our free newsletter and get the top stories delivered to your inbox.

×