
Up to 200 Swiss companies targeted by ransomware hacker group

The hacker group Akira has intensified its activities in Switzerland. Around 200 companies have fallen victim to ransomware attacks. The damage currently amounts to several million francs and several hundred million dollars worldwide.
The Office of the Attorney General of Switzerland (OAG) has been conducting criminal proceedings against the group since April 2024, authorities said on Thursday. The investigations are being conducted under the coordination of the Federal Office of Police (Fedpol) in close cooperation with the Federal Office for Cyber Security and authorities in various countries.
The Akira hacker group first emerged in March 2023. It works with specialised and specially developed software and has an IT infrastructure covering several countries. It practises so-called double extortion, in which the victim’s data is first stolen and then encrypted.

If the ransom is not paid within a specified period, Akira not only withholds the decryption code for the data from the victim, but it also publishes this data on a blog on the darknet. The name of this blog is “DLS” for “Data Leak Site”. The ransom is paid in cryptocurrency, usually in Bitcoin, Swiss authorities said in a statement.
The authorities believe that a number of attacks go unreported, because victims of the hacker group pay the ransom demanded out of fear for their reputation and refrain from filing a criminal complaint.
Authorities warn against paying ransom
The attorney-general’s office, Fedpol and the Federal Office for Cyber Security said that filing a criminal complaint increases the chances of success in the fight against such criminal groups. The authorities also warned against paying ransoms. This would only serve to finance the criminal activities, they said.
These types of ransomware attacks are usually complex, but the majority of them can be avoided, the authorities added.
Attackers usually gain access through systems that have not been updated and through remote access services such as VPN (Virtual Private Network) and RDP (Remote Desktop Protocol) that are not protected by two-factor authentication.
Translated from German with DeepL/gw