Switserland: Federal Passwords and Classified Information Stolen

May 23, 2023

On May 23, the Play ransomware group claimed it attacked Xplain – a Swiss IT firm providing services to several federal agencies in the country. The ransomware group leaked the files it stole from the company on June 1, which it claimed included 907 GB of financial and other data.

In March, 2024 SWI news reports that federal passwords and classified information were stolen in the >2023 cyberattack

read more

Swiss Drug Manufacturer Siegfried Shuts Down Production after Cyberattack

May 21, 2021

The Siegfried Group suFfered a cyber attack shortly before Pentecost. THe Swiss company shut down production at multiple sites, cut off network connections, and scoured its information technology systems. Among other things, Siegfried packages the Pfizer-BioNTech COVID-19 vaccine.

As a result of the attack, there will be certain volume and revenue shortfalls in the first half of the year. Based on the results of the forensic investigations, which are well advanced, the Siegfried Group continues to assume that no sensitive customer data were affected by the incident.

read more

All Rosenbauer Group Locations Affected by Ransomware Attack claimed by Lockbit

February 24, 2023

The Rosenbauer Group is currently the target of a cyber attack. As a precautionary measure, parts of the IT infrastructure were switched off. The measures affect all Rosenbauer locations. The Rosenbauer Group is one of the world’s three largest manufacturers of fire-service vehicles and firefighting equipment.

The exact extent and duration of the attack as well as its consequences cannot yet be estimated. An immediately established task force is working with external cybersecurity experts and data forensics to restore system operations safely and as quickly as possible. According to current knowledge, neither customer nor company data was stolen or encrypted. The responsible authorities were called in.

The LockBit 3.0 ransomware group listed the company as one of its victims.

read more

Operations Disrupted at Machine Manufacturer, Bobst.

April 8, 2023

Bobst, the Vaud-based machine manufacturer, suffered two targeted cyberattacks over Easter weekend, Emergency measures had to be taken to protect critical IT systems by isolating them. This resulted in production, customer service and research and development operating in degraded mode.

Work gradually resumed at the group’s various global sites between April 12 and 18, while the systems were reconnected. The calmer holiday period helped smooth out the impact.

read more

Swiss-based Bernina International Reports Cyberattack

April 5, 2023

Swiss-based Bernina International AG, a leading manufacturer of sewing and embroidery machines, reported that it fell victim to a cyberattack after being added to the victim list of the ALPHV ransomware group.
The group claim to have gained access to vast data, including customer, client, and employee data, NDA contracts, and drawings.

The attack’s impact has been felt in the company’s offices in Switzerland and Thailand, with tapes and NAS wiped clean. Additionally, the attackers successfully encrypted seven Hyper-V.

read more

NoName Hits Swiss Governments and Rail sites with DDoS Attack

June 12, 2023

Swiss federal government websites and the online portal of the Swiss Federal Railways have been victims of malicious online attacks. Several websites of the federal administration are currently unavailable, Swiss public radio, SRF, reported on Monday.

According to the finance ministry, the sites were hit by a so-called DDoS attack, which aims to overload websites and applications with targeted requests so that they are no longer accessible. No data is lost in a DDoS attack.

The pro-Russian hacker group “NoName” has claimed responsibility for the attack on the federal government on its own Telegram channel, Tages-Anzeiger newspaper said. This group was also behind the attack on the Swiss parliament website (www.parlament.chExternal link) last week.

read more

Swiss, German-Language Newspaper NZZ Shut Down Production

March 24, 2023

The “Neue Zürcher Zeitung” continues to struggle with problems two weeks after a cyberattack on its computers. The publisher shut down central systems for newspaper production and had to pre-produce the Saturday edition on Thursday of last week. The company announced on Saturday that this “exceptional situation” was also associated with a reduction in scope.

Due to the cyberattack, some systems and services are still not available. NZZ’s IT team is working with external specialists on corrective measures, it said. Newspapers from CH-Media-Verlag, which obtains IT services from NZZ, also appeared on a reduced basis over the weekend.

A ransomware attack on the infrastructure of NZZ’s parent, NZZ Mediengruppe in Zürich, became known two weeks ago. 500GB data stolen from this was later published on the dark web.

Additional impact at three media companies:
On May 3, CH Media confirmed that data had been published, saying, “initial analyses show that the data is from our delivery organisations”.
The Blick Group is affected as a company that belongs to CH Media is responsible for the postal delivery of the Blick newspapers, and is directly affected by the cyber attack.
Customer data from Tamedia newspapers is also said to be affected

read more

ABB Hit in Cyberattack, Operations Suffer

May 7, 2023

Swiss multinational company ABB, an electrification and automation technology provider, suffered a cyberattack that disrupted its operations.
Zurich, Switzerland-based ABB released a statement on the incident:
“ABB recently detected an IT security incident that directly affected certain locations and systems.
“To address the situation, ABB has taken, and continues to take, measures to contain the incident. Such containment measures have resulted in some disruptions to its operations which the company is addressing. The vast majority of its systems and factories are now up and running and ABB continues to serve its customers in a secure manner.

read more

Hackers Paralyze only Newsprinting Facility in Switzerland

January 7, 2022

The machines at the Perlen paper factory in the Lucerne town of the same name are at a standstill due to a hacker attack. Newsprint and LWC production at Perlen and packaging production in Müllheim, Germany, which has been down since 7 January, restarted 6 days later on January 13. The chemistry division was not affected and was therefore able to continue production normally.

The factory normally outputs 1400 tons of newsprint paper per day. In a statement, the CPH Group said all IT systems were shut down on the 7th out of an abundance of caution and to contain any spread, strongly suggesting but not confirming they were a ransomware victim. They resumed production in January 13, after 6 days of downtime.

read more

IT Systems Shut Down after Ransomware Attack at Glutz, a Swiss Specialist in Access Solutions

November 28, 2022

Glutz, a specialist in access solutions, fell victim to a ransomware attack at the end of November. Cyber ​​criminals encrypted data on the systems, as the Solothurn-based company announced at the time. As a security measure, all internal IT systems have been shut down.

“Since December 7th we have been working again in limited normal operation,” writes Marco Hauri, CEO, at the request of inside-it.ch. Telephony and e-mail communication could be used consistently. The costs incurred by the attack cannot be estimated at this time.

read more