The Swiss government notified its people that a recent ransomware campaign against one of its IT suppliers could result in the exposure of their data. According to the notification, the government is also the subject of a targeted DDoS attack.
This incident is a prime example of how an organisation can suffer when it relies on an unsecured third-party service to store its data.
The Swiss government announced a ransomware attack.
Earlier this week, the Swiss government revealed that its systems were affected by a ransomware attack on Xplain, a Swiss tech provider.
The IT company was allegedly infiltrated by the Play ransomware group last month. The threat actors claimed that they had stolen various documents that contained confidential, personal, financial and taxation data.
Eventually, the ransomware group exposed the entire data dump, presumably after the Xplain IT services provider failed to comply with the actors’ demand.
The investigation revealed that the Swiss government was severely affected by the attack on the vendor. According to the researchers, the actors posted information owned by the Swiss Federal Administration.
However, the government has not admitted anything, as the clarification and investigation are ongoing. It is also waiting to learn whether additional data it owns was caught up in the attack. Some researchers believe that the government should assume that its operational data is in the published information.
In the latest development on this incident, a second press release on the Swiss government portal today warns of access problems on various Federal Administration websites and online services.
According to the Swiss government, the cause of the outage is a DDoS attack allegedly deployed by the NoName group. These malicious actors are a pro-Russian hacktivist group targeting NATO members and other entities in North America, Europe, and Ukraine.
The DDoS resulted in the inaccessibility of several Federal Administration websites earlier this month. The Federal Administration security team immediately noticed the attack and quickly executed security protocols to restore the websites and applications.
Lastly, the press release stated that the NoName threat group compromised the parliament website earlier this week when its members discussed whether Switzerland should abandon its neutrality in sending aid to Ukraine.