Improved measures to combat cybercrime on .ch or .swiss internet sites
Bern, 15.09.2017 - Taking the fight to cybercriminals who use .ch or .swiss addresses for illicit purposes: this is one of the objectives of the revision of the Ordinance on Internet Domains (OID), approved by the Federal Council on 15 September 2017. The new text makes it possible to block not only the addresses of the sites which try to launch phishing attacks on web users or which spread malicious software but also those which indirectly support such activities. The Ordinance also lays down the conditions which make it possible to analyse the traffic to these addresses, in particular to identify infected computers and to inform victims. Finally, the ordinance grants the Federal Council the authority to define who should be eligible to hold .swiss domain names.
Since their entry into force in 2010, the provisions which make it possible to combat cybercrime performed using domain names have largely proved successful; in fact, the .ch and .swiss domains are among the safest in the world. However, the methods employed by cybercriminals are constantly evolving. This evolution has made it essential to amend the OID, making it possible to take into account the recommendations of the Internet Corporation for Assigned Names and Numbers (ICANN), the organisation in charge of internet domains at the global level.
Combatting phishing and malware
The Federal Council has given the green light to the new provisions in the ordinance, which will enter into force on 1 November 2017. In relation to combatting cybercrime, all cases in which a domain name is used for phishing activities or to spread malware are now subject to the legislation. It will therefore be possible to block .ch or .swiss internet sites which, even if they do not directly engage in illicit activities, support them or relay them. In addition, the new rules define more precisely the provisional measures which can be imposed by the authorities. In particular, the authorities can request that traffic bound for a potentially dangerous internet address be diverted to them. This measure will make it possible to identify those servers which have been infected, so as to inform the victims and also to perform technical analysis of the criminal activity in order to develop ways of combatting it. Furthermore, from now on it will be possible to reject the assignment of .ch and .swiss domain names if this could be used for illicit purposes. The new legal basis also facilitates administrative assistance and co-operation with those private-sector bodies which combat cybercrime.
Assignment of .swiss domain names
For their part, the rules relating to .swiss are amended on the basis of the experience acquired during the first two years of operation of this domain. The rules maintain the principle according to which .swiss addresses can be assigned only to persons registered as individual businesses in the Commercial Register and not to private individuals. Indeed, this domain has acquired the status of an internet shop-window for Swiss businesses and institutions and is a complement to the very popular .ch domain. A general liberalisation would threaten the current image and positioning of the .swiss domain at the national and international level. From now on, the authority to decide on any relaxation of the eligibility conditions for holders of a .swiss address will reside with the Federal Council.
Address for enquiries
Press Service
Federal Office of Communications OFCOM
+41 58 460 55 50
media@bakom.admin.ch
Publisher
The Federal Council
https://www.admin.ch/gov/en/start.html
General Secretariat of the Federal Department of Environment, Transport, Energy and Communications; General Secretariat DETEC
https://www.uvek.admin.ch/uvek/en/home.html
Federal Office of Communications
http://www.ofcom.admin.ch
