Swiss Federal Council’s advisory board calls for measures to combat cyber risks in fin sector
The establishment of preventive measures specifically tailored to the financial market is seen as urgent.
The Swiss Federal Council strategic advisory board has drawn up a financial market policy overview for the past year, outlining a number of recommendations to the government.
The advisory board considers among priority tasks that the authorities and financial institutions jointly and rapidly establish an effective crisis organisation to combat cyber-risks. This view is based on the fact that, for some years now, Switzerland has followed a particularly innovation-friendly approach, providing conditions for fintech development that are excellent by international standards.
However, unprofessionally managed major incidents caused by cyberattacks involving contagion could rapidly destroy these very good conditions for the new financial sector technologies in Switzerland. The establishment of preventive measures specifically tailored to the financial market is thus seen as urgent.
Let’s note that, Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI) has been regularly updating the information about cyber threats targeting Swiss entities. MELANI’s 29th semi-annual report which addresses the most important cyberincidents of the first half of 2019 both in Switzerland and abroad noted the Lazarus attacks targeting Swiss banks.
In March 2019, security software company McAfee published a follow-up to its December 2018 report on the Sharpshooter campaign. The campaign targeted 87 companies from all over the world, but mainly in the US. The companies concerned were from the defence, energy, nuclear and financial sectors.
In its second report, McAfee confirmed their initial suspicion that the Lazarus group was behind the attacks. The group is well known for having attacked systems at various banks and is considered by many experts to be connected to the North Korean regime.
In its first report on the matter, McAfee described attempted attacks against Swiss financial institutions. In its latest report, MELANI said it is in contact with a number of banks, as mentioned in the preceding semi-annual report.
“Then as now, no evidence of infection has been found at the potential target companies in Switzerland”, said MELANI.
Let’s recall that, in September 2019, posted a notice regarding malware that is increasingly targeting potential victims. MELANI said it has observed a wave of instances of infections via “Emotet / Heodo” malware. Emotet is a banking trojan malware program which obtains financial information from the affected machine.
According to the Centre, criminals are sending emails with infected attachments (typically, a Word document). MELANI advises not to open the documents in emails from suspicious sources. However, these emails often mimic known sources. The rule of thumb is that in case of doubt one should call the sender to verify the email is a genuine one.
In the event of an infection, MELANI recommends that you immediately disconnect the computer from all networks. It is essential that the system should be reinstalled following this and that all passwords should be changed.