Swiss cheese security? Play ransomware gang milks government of 65,000 files

The Swiss government had around 65,000 files related to it stolen by the Play ransomware gang during an attack on an IT supplier, its National Cyber Security Center (NCSC) says. A total of 1.3 million files were stolen during the incident at software biz Xplain in May 2023, meaning 5 percent of the entire trove related to the …

  1. sitta_europea Silver badge

    "...A total of 1.3 million files were stolen during the incident at software biz Xplain in May 2023 ... An administrative investigation was launched in August..."

    Hmm.

    "... and is set to conclude this month. The resulting report will then provide actionable recommendations for the Federal Council to apply with a view to preventing future breaches."

    I predict it won't work.

    1. HuBo Silver badge
      Unhappy

      With the type of sensitive industries that Xplain AG works with, one would really expect them to encrypt all stored and transported data, and to keep backups at separate geolocations -- which should have prevented this major leakage and tedious reconstruction work. Their page on the "hacker attack" states that they have "replaced the external operators" as a result ... maybe they had outsourced to some less secure lower-bidder (not good!)?

      1. Evil Auditor Silver badge

        I'm not sure whether encryption of storage or transport would have worked in this case. But I certainly agree that dealing with such sensitive data they should have had better preventive and detective measures in place (which is kind of self-explanatory ex post). I find what Xplain writes in the link you've provided a rather unsatisfying explanation («Hackers like "Play" group usually leave no traces»).

  2. Evil Auditor Silver badge
    Coat

    Surely, that must have been a mistake. I mean, why would someone attack Switzerland?! It is, after all, a neutral country and should therefore be exempt from any hostile activity. I do expect and hope that the Federal Council will, with utmost urgency, initiate an information campaign about the country's neutrality to prevent future attacks. Or isn't that what they do in other threat scenarios?

    On a more serious note, it's not the only country with its national security freeloading on others. At least, with cyber security that doesn't work so well.

    1. jmch

      Not sure what you mean by: "it's not the only country with its national security freeloading on others." Firstly, it's surrounded very deeply on all sides by friendly countries, so its military spending is anyway unlikely to be as high as any country bordering Russia for example. I don't see how that can be seen as 'freeloading'. One could equally say that they are in the middle of a stable region with friends on all sides because they are skilled diplomats. Also, having a low military spend as %age of GDP is as much due to having a very high GDP as it is to having low spending.

      In any case being neutral is very very different from being unarmed and/or militarily unprepared. Switzerland has conscription (meaning even with a relatively small standing army it has a very large and well-trained reserve), and it's a big arms producer. On both counts it's probably quite small in absolute terms but very big considering small size and population.

      1. Evil Auditor Silver badge

        I agree with you and am fully aware of Switzerland's privileged situation embedded within friendly neighbours.

        With freeloading I was rather referring to its refusal to supply "spiritual allies" (being neutral, it cannot enter into military alliances), which indirectly also defend Switzerland's security in Russia's war(s), with munitions and even mine clearing equipment.

        Switzerland's laws forbid exporting munitions to conflicting parties. On the other hand, they happily exported munitions to countries that have been involved in armed conflicts, e.g. USA, Saudi Arabia, UK, France. Mind you, in total it's not that big of a business, amounting to less than GBP1 bn per year.

  3. Ian K

    One of these things is not like the others

    "A smaller proportion (3 percent) related to the Federal Department of Defense, Civil Protection, and Sport"

    That's really a single department?

    1. MiguelC Silver badge
      Joke

      Re: One of these things is not like the others

      When your only sport is shooting, everything looks like a target

      1. katrinab Silver badge
        Alert

        Re: One of these things is not like the others

        Have you seen how sportsball team fans behave at matches?

  4. Anonymous Coward
    Facepalm

    Successfully completed examination of the source code :o

    “Together with the successfully completed examination of the source code” ref

    YEA /s

  5. Anonymous Coward

    Should be looking internally - everyone should be.

    One issue I don't see being addressed is how the data was stored.

    I am a strong proponent of: all data should be so well encrypted that it is of no use if stolen.
