Encryption Trojans and malicious emails in name of authorities on the rise

Berne, 02.11.2017 - The 25th semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI), published on 2 November 2017, addresses the most important cyber incidents of the first half of 2017 both in Switzerland and abroad. The encryption Trojans Wanna Cry and NotPetya, which made the headlines worldwide in spring 2017, are the focal point of the report.

According to Europol, over 230,000 victims in 150 countries were affected by the Wanna Cry encryption Trojan. Among these were companies such as Deutsche Bahn, the Spanish telecommunications company Telefonica and numerous hospitals in the UK. In Switzerland only a small number of private individuals and SMEs were affected. The focus is on the challenges which arise when systems are updated and highlights what should be borne in mind with data backups.

Increased misuse of authorities and well-known companies

In the first half of 2017, there was a significant increase in emails used to distribute malicious software which allegedly were sent by federal offices and well-known companies. This included an email which apparently came from the Federal Tax Administration (FTA) which held out the prospect of tax refunds. In another case, court summonses were sent which appeared to be from the cantonal police. Companies such as DHL, Swiss Post and Swisscom are regularly misused for emails which fake a high level of integrity.

Political events as triggers for cyber attacks

It is increasingly common for political tensions to be expressed digitally. Whereas building walls used to be sprayed with graffiti, nowadays hacktivists deface websites. This explains how discussions in Switzerland about Turkish President Erdogan lead to defacements of numerous Swiss websites. You can read how the attackers go about this in the 25th semi-annual report.

Address for enquiries

Max Klaus, Deputy Head of the Reporting and Analysis Centre for Information Assurance MELANI, Federal IT Steering Unit FITSU
Tel. 058 463 45 07


Federal IT Steering Unit (ab 01.01.2021: Digitale Transformation und IKT-Lenkung)

General Secretariat DDPS