In the first half of 2022, with the escalation of the Russia-Ukraine conflict, many experts feared a wave of cyberattacks against Western countries. The Swiss NCSC published its assessment: no abnormal increase in direct attacks against Swiss infrastructure or companies was detected during the period.
The situation in Switzerland
Switzerland, owing to its position of neutrality, was not targeted by the hacktivist campaigns that instead struck NATO countries and openly aligned European governments. Nevertheless, the NCSC maintained an elevated alert level and recommended that organisations review their security measures.
The indirect risk
Even without being a direct target, Swiss companies are exposed to indirect risks:
- Supply chain attacks — a supplier or international partner that is compromised can become a vector for infection
- Stray malware — some offensive tools developed for the conflict spread beyond their intended targets
- Opportunistic campaigns — periods of high geopolitical tension often coincide with an increase in financial fraud and targeted phishing
What to do
The NCSC reiterated its baseline recommendations, with particular emphasis on:
- Reviewing remote access (VPN, RDP)
- Verifying backups and simulating restoration
- Monitoring communications with foreign suppliers and partners
- Updating incident response plans
The underlying message: the relative calm of the first half of the year is not a pass. Security posture must be maintained regardless of geopolitical developments.
Sources
- NCSC — Semi-annual report 2022/1: ncsc.admin.ch — Halbjahresbericht 2022/1