For secure dealings with the internet of things

Berne, 20.04.2017 - The 24th semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI), published on 20 April, addresses the most important cyber incidents of the second half of 2016 both in Switzerland and abroad. The focal point of the report is the internet of things, which is becoming increasingly significant.

According to estimates, more than 6 billion devices attributable to the internet of things were already connected to the internet in 2016. That figure is set to be around 20 billion by 2020. Everything is being connected to the internet, from so-called "wearables", i.e. applications that are sewn into clothes or worn on the user's body, such as smartwatches and fitness trackers, to self-driving cars and control systems in large building complexes. However, the manufacturers and users often fail to pay enough attention to the security aspects. The semi-annual report demonstrates the problem and gives recommendations for secure dealings with the internet of things.

Switzerland as an indirect target of cyber espionage

Espionage campaigns with a link to Switzerland even though Switzerland was not the actual target of the operations became public in the second half of 2016. During the reporting period, the World Anti-Doping Agency and the Court of Arbitration for Sport were in the centre of attention. Switzerland was thus in focus because the latter institution has its headquarters in Lausanne. In the case of the World Anti-Doping Agency the obvious target was the anti-doping data of certain athletes worldwide. In the case of another attack that took place quite some time ago but became known only recently with the publication by the group "Shadow Brokers", three servers at the University of Geneva were affected. The semi-annual report examines these attacks and gives the reasons why Switzerland can also become the indirect target of cyber espionage.

Continuation of extortion attacks and attempted fraud

Also in the second half of 2016, MELANI noticed numerous attempts at cyber fraud that could result in primarily companies losing a lot of money. DDoS attacks and encryption Trojans likewise remain extremely popular with attackers for blackmailing their victims. The report looks at this issue, describes some incidents and provides recommendations for protecting against such attacks.

Address for enquiries

Max Klaus, Deputy Head of the Reporting and Analysis Centre for Information Assurance MELANI
Federal IT Steering Unit FITSU
Tel. 058 463 45 07


Federal IT Steering Unit (ab 01.01.2021: Digitale Transformation und IKT-Lenkung)

General Secretariat DDPS