Switzerland: Probably sensitive federal data on the Darknet


At the beginning of November, the Swiss software company Concevis was attacked with ransomware: all servers were encrypted and the data was stolen. The company's software is also used in federal, cantonal and city public administrations. According to Tagesanzeiger.ch, the first data has now appeared on the Darknet via an insider.

In addition to Concevis AG, the National Cyber Security Center (NCSC) is also providing information about the cyber attack on the company's systems and about which official bodies in the federal government, cantons and cities may be affected because they use Concevis software solutions. The company itself said it took immediate measures to ward off and contain the attack. As part of this attack, data on the company's servers was stolen and encrypted. The exact extent of the data outflow is still part of the ongoing analyses.

First data on the dark web?

According to the NCSC, Concevis' customers also include various administrative units of the federal administration. According to current knowledge, the Federal Office for Civil Protection, the Federal Office for Spatial Development, the Federal Statistical Office, the Federal Office for Civil Aviation, the Federal Tax Administration and the Training Command are on Concevis' customer list. It is currently being clarified which offices and data are specifically affected.

According to tagesanzeiger.ch, the first fragments from the attack, apparently from the tax administration, have now surfaced on the dark web. An unknown insider found the data and shared excerpts from it with the Tagi editorial team. They are said to show highly sensitive information about US customers of Swiss banks. This probably also includes their name, country of residence, passport and account number.

Initial sources suspect Phobos ransomware

The NCSC coordinates further clarifications and measures within the federal administration. It is in contact with the Concevis company as well as the law enforcement authorities and the affected administrative units of the federal administration and will inform the public about further findings in due course.

According to information from the NZZ, the ransomware used to encrypt the Concevis systems is said to be Phobos. According to an analysis by Cisco Talos, Phobos ransomware is a further development of the Dharma/Crysis ransomware. It has probably undergone only minimal development since it was first observed in 2019.

More at NCSC.Admin.ch

