University of Neuchâtel back online after cyberattack

Neuchâtel University's computer systems have been blocked as a security measure, causing disruption to work and study. © Keystone / Gaetan Bally

The University of Neuchâtel website was functioning again on Friday evening following a cyberattack but an investigation continues into the scope of the problem. The university is the latest Swiss institution to fall victim to a cyber attack.

This content was published on February 19, 2022 - 11:53

"The attack comes from a malicious software that can automatically generate a message on the workstations saying that some files have been encrypted," said the university in western Switzerland on Friday evening on its website. The IT system found that there had been encryption.

After the first signs of the cyberattack late on Thursday, the university in western Switzerland took security measures, including blocking all its computer systems, Nando Luginbühl, head of its press office, confirmed on Friday. This made it impossible to work or study. 

The university said on Friday evening that it wasn't possible to know if any data had been intercepted and IT teams were still looking into the scope of the problem, contain it and reactive other services.

There has been a recent upsurge in cyberattacks in Switzerland. Price comparison website Comparis was shut down in July by attackers demanding $400,000 (CHF370,000) to put it back online. At the time, a Comparis spokesperson told SWI that no ransom had been paid.

The Stadler rail company, defence contractor RUAG, and the canton Vaud municipality of Rolle have also been targets.

Companies warned

Meanwhile, the National Cyber Security Centre has sent a registered letter to 130 companies and local authorities urging them to install security patchesExternal link for Microsoft Exchange Servers, which are used to manage emails, meetings and contacts, for example.  

“The security vulnerabilities in Microsoft Exchange Servers, which have been known for a long time, are being actively exploited by cybercriminals to install encryption Trojans,” it said, referring to a term for ransomware.

The National Cyber Security Centre said it had emailed over 4,500 businesses and local authorities last year about the security vulnerability and included instructions on how to remedy it. But “despite several follow-up attempts, not all affected parties have yet taken the necessary action”, it said.

In compliance with the JTI standards

In compliance with the JTI standards

More: SWI certified by the Journalism Trust Initiative

You can find an overview of ongoing debates with our journalists here. Please join us!

If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at

Change your password

Do you really want to delete your profile?

Your subscription could not be saved. Please try again.
Almost finished... We need to confirm your email address. To complete the subscription process, please click the link in the email we just sent you.

Discover our weekly must-reads for free!

Sign up to get our top stories straight into your mailbox.

The SBC Privacy Policy provides additional information on how your data is processed.