Swiss government and Federal Railways hit by cyberattacks
Swiss federal government websites and the online portal of the Swiss Federal Railways have been victims of malicious online attacks.
Several websites of the federal administration are currently unavailable, Swiss public radio, SRF, reported on Monday.
According to the finance ministry, the sites were hit by a so-called DDoS attack, which aims to overload websites and applications with targeted requests so that they are no longer accessible. No data is lost in a DDoS attack.
The pro-Russian hacker group “NoName” has claimed responsibility for the attack on the federal government on its own Telegram channel, Tages-Anzeiger newspaper said. This group was also behind the attack on the Swiss parliament website (www.parlament.chExternal link) last week.
+ Ransomware attacks on the rise in Switzerland
“Federal IT specialists quickly noticed the attack and are taking steps to restore accessibility to websites and applications as quickly as possible,” the finance ministry said on Monday morning.
+ Hackers steal Swiss police and customs data
The Swiss Federal Railways and the Aargau cantonal authorities have also been affected by an earlier online attack against the Bern-based IT company Xplain, which provides services to federal and cantonal departments.
The national railway company and the canton confirmed to the Swiss News Agency Keystone-SDA that data had been stolen after a ransomware attack. This follows an earlier report in the NZZ am Sonntag newspaper.
The Aargau authorities say “a small volume of operational data linked to error protocols that were analysed at Xplain” is affected by the leak, as well as “commercial correspondence”.
The extent of the data theft is still being analysed by Xplain and the federal authorities. The hackers reportedly used malware to exploit a vulnerability on Xplain servers hosting applications for cantonal services. Ransomware usually blocks all access until a key or an unblocking tool is sent to the victim in exchange for a sum of money.
Far-reaching consequences
The attack on Xplain, revealed on May 23, has had far-reaching consequences. It has affected the Federal Office of Police (Fedpol), the Federal Office of Customs and Border Protection (FOCP) and, according to Le Temps, cantonal police forces. In addition to business correspondence, operational data may also have been affected, according to the National Centre for Cyber Security (NCSC).
After encrypting the stolen data and demanding a ransom from the company, the hackers reportedly published some of the data on the darknet. According to Le Temps, which broke the story, the attack was carried out by the Play group, the same group that recently targeted the Swiss media companies CH Media and NZZ.
There has been a surge in cybercrime in recent years. Cyberattackers have hacked several Swiss private and public targets, with ransomware attacks on the rise.
These include Swiss media groups, defence contractor RUAG, the International Committee of the Red Cross (ICRC) and Swiss municipalities.
In compliance with the JTI standards
More: SWI swissinfo.ch certified by the Journalism Trust Initiative
You can find an overview of ongoing debates with our journalists here. Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.