First Swiss NCSC semi-annual report with focus on healthcare

The National Cybersecurity Centre (NCSC) has been operational since July 1, 2020. The NCSC’s first semi-annual report deals with the most important cyberincidents of the second half of 2020 in Switzerland and internationally. It replaces the former MELANI semi-annual report. The main topic is digitalisation in the healthcare sector and the challenges it faces with regard to current cyberthreats.

As elsewhere, digitalisation is advancing inexorably in the healthcare sector. Globalised supply chains, computer-controlled logistics and electronic patient records confirm this. But increasing digitalisation also provides cybercriminals with potential points of attack. Successful attacks in the healthcare sector have far-reaching consequences. A data leak can affect particularly sensitive personal data. Furthermore, functional failures of IT systems or even temporary unavailability of data can endanger people’s health or even their lives. The semi-annual report examines recent cases and the necessary protective measures.

Ransomware harbours the greatest potential for damage

Incidents with encryption Trojans (ransomware) are among those with the greatest potential for damage, as business interruptions and recovery involve high costs and can, in the worst case, lead to a complete loss of data. The attackers demand high ransoms for the prospect of decrypting the data. In the second half of 2020, the NCSC received 34 reports on these from various economic sectors in Switzerland. Around 80% of the reports concerned small and medium-sized enterprises (SMEs). Another malware made the headlines worldwide last year. After a lull of several months, the NCSC again observed various spam waves involving Emotet malware from July 2020 onwards. Originally known as an e-banking Trojan, Emotet was more recently used primarily for sending spam and subsequently loading other malware malware until Europol announced on January 27, 2021 that the “Emotet Botnet” was taken down by a coordinated international Law Enforcement action. The semi-annual report provides an insight into how Emotet works.

Widespread cases of fraud

In the second half of 2020, the NCSC contact point received a total of 5542 cyberincident reports from private individuals and companies. Of these, the 2917 reports of fraud continued to account for the largest share. The most frequently reported are advance fee fraud, fake sextortion and fee scams.

On our own behalf

The Reporting and Analysis Centre for Information Assurance (MELANI) became part of the NCSC when the Ordinance on Protecting against Cyber-Risks in the Federal Administration came into force on 1 July 2020. Consequently, the NCSC also became responsible for producing the semi-annual reports. The NCSC website, which includes a cyberincident reporting form aimed at the public, has also been online since the end of 2020. Anyone who submits a report is automatically redirected to a set of suggestions on how to proceed and receives first-level support. Reports from the public make an important contribution to the NCSC’s ability to quickly identify trends, take appropriate countermeasures and obtain a picture of the cybersituation that is as complete as possible.

The NCSC semi-annual report can be had here.