National Cybersecurity Centre – Semi-Annual Report 2020/2

The NCSC’s first semi-annual report deals with the most important cyberincidents of the second half of 2020 in Switzerland and internationally. It replaces the former MELANI semi-annual report. The main topic is digitalisation in the healthcare sector and the challenges it faces with regard to current cyberthreats.

“…In Switzerland, as in Europe, the healthcare sector urgently needs to adapt its infrastructures. At the same time, the regulatory changes under way and the growing pace of digitalisation in healthcare offer a fantastic opportunity to our industry. Our French neighbours are well aware of this challenge. On 18 February, France’s president announced a new strategy for developing the cybersecurity sector, involving the allocation of EUR 1 billion for cyber-issues, in particular the creation of a cybercampus. Under this plan, EUR 515 million have been allocated to developing sovereign solutions and EUR 176 million to public sector needs, especially those of hospitals and authorities…”

Source and Report : NCSC

Thinking like the «bad guys» for a secure cyberspace

As Scientific Project Manager at armasuisse Science and Technology (S+T), Dr. Alain Mermoud is responsible for Technology Monitoring and Forecasting. Together with Dr. Mathias Humbert, responsible for Privacy and Machine Learning at armasuisse S+T, he is organising the Cyber-Defence Campus Conference from November 3 – 4 in Lausanne.

Is it common practice in the cyber world to align yourself to the «bad guys» processes?

Of course, the police does the same. A good policeman also thinks: «What would the thief do?» Or if you want to make your house safe from burglars, you also have to consider whether they will come in through the window, or through the roof, etc. In addition to my job at armasuisse, I’m also active as an intelligence officer in the Swiss armed forces. The principle is exactly the same there – you have to think like «red» in order to decide what you can do best as «blue». As a defender, it definitely helps to think like an attacker.

So the best cyber specialists are former hackers?

One can say that many cyber-security specialists come from a hacking background. This doesn’t mean that they have a criminal past, as there is such a thing as ethical hacking. The decisive factor is how the knowledge and motivation are used. That’s the difference between «white hat» hackers – the «good guys» and «black hat» hackers, the «bad guys», if you like.

You talk about threat intelligence and open source platforms. Can you explain more about these?

There are various platforms – such as MISP or Open Threat Exchange – on which ethical hackers, as well as companies, can exchange information on potential dangers. One example is MELANI-NET, on which an exchange of information on critical infrastructures, such as hospitals, the SBB or banks, takes place every day.

Source and full article : armasuisse S+T

Coronavirus and cybercrime in Switzerland

The coronavirus has turned our everyday lives upside down, and society has found itself in an extraordinary situation. The inherent uncertainty has meant that people need more information and protection, not to mention new working conditions – and criminals are cleverly exploiting this situation. When the lockdown hit, the internet all of a sudden became the virtual solution to almost everything. As the registry for .ch domains, the IT infrastructure provider for universities and a multi-sector CERT, SWITCH has a good overview of the cybercrime occurring in the shadow of the rapid rise of the digital economy.

[…] One development that could be established, though, was a rise in the number of phishing attacks on Swiss internet users working from home. The fact that people are working outside the largely protected network at their regular place of work has only made these attacks easier to carry out. The attacks that SWITCH-CERT has observed were deliberately aimed at higher education staff and users of Swiss IT service providers such as web hosting services. Fraudsters then often abused the web hosting access credentials they got their hands on to host additional phishing sites on the existing domain names and web servers. Fortunately, these compromises were identified and eliminated quickly. Various hosts have warned their customers of the attacks, and MELANI (the Reporting and Analysis Centre for Information Assurance) has also reported a spike in phishing activities.

[…] The rise in cybercrime connected with the coronavirus pandemic highlights yet again just how fragile the internet infrastructure really is. Applying security standards such as DMARC and DNSSEC should therefore be given urgent priority to strengthen digital Switzerland’s resilience for the future and thus make it more difficult for scammers to carry out image-damaging cyber attacks.

Source and full article : Switch