In recent months, hundreds of Swiss companies and administrations have fallen victim to ransomware attacks. It’s a real industry. Globally, cybercrime could cost $10 trillion by 2025, according to Forbes magazine.
The “ransomware” ecosystem has evolved significantly in 2022 with cybercriminals moving from large, landscape-dominating groups such as the infamous Hive or BlackCat to smaller, more flexible on-demand businesses, attracting less attention from police.
Over the years, cybercriminal groups have evolved in their modus operandi. They are becoming more and more professional. They pool their resources and collaborate all over the world.
Criminal “kit”.
For Olivier Spielmann, Senior Vice President of Global Managed Detection and Response at Kudelski Security, hackers have become service providers. From sending emails to searching for software vulnerabilities on Microsoft or macOS, to laundering money, cybercriminals each have their own specialty.
“It’s a kit. You pay for the number of victims. In general, the ‘service’ provider will receive a percentage of the margin on ransom transactions,” Olivier Spielmann explained on Monday on RTS’s La Matinale.
Partial stats
The National Center for Cyber Security (NCSC) does not have enough data to reliably estimate the amounts paid. The NCSC has opened a one-stop shop for individuals and SMEs to report cyber incidents on a voluntary basis.
The statistics are biased, but cybercriminals act the same way. According to Pascal Lamia, deputy federal delegate for cyber security, the sums requested vary according to the profile of the victim.
The need for more response
“Cybercrime is completely horizontal in the criminal ecosystem. The resources are huge. On the other hand, if states do not set up platforms that allow law enforcement, justice, academia and civil society to work together very smoothly and in a very operational way, we are not suited to the threat,” says Stéphane Duguin, director of the CyberPeace Institute, based in Geneva.
The problem is “big”, but politics “is starting to move”, especially with the creation of a Federal Office for Cyber Security, according to Gerhard Andrey, national councilor (Les Verts/FR) and entrepreneur in the digital world. But he believes the Federal Department of Defense was “not the right place” to create such a service.
According to him, there is a “risk of not having enough confidence” when a company needs to report a cyberattack, because the NCSC is in the same department as the Intelligence Service. Gerhard Andrey is in favor of obliging critical infrastructures, in the broadest sense, to report cyberattacks to the federal government.
In 2022, in Switzerland, the National Security Center received 34,000 reports at its counter, of which 159 concerned ransomware, more than double the number in 2020.
Miruna Coca-Cozma/vajo