Encryption Trojans and malicious emails in name of authorities on the rise

02.11.2017 - The 25th semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI), published on 2 November 2017, addresses the most important cyber incidents of the first half of 2017 both in Switzerland and abroad. The encryption Trojans Wanna Cry and NotPetya, which made the headlines worldwide in spring 2017, are the focal point of the report.

According to Europol, over 230,000 victims in 150 countries were affected by the Wanna Cry encryption Trojan. Among these were companies such as Deutsche Bahn, the Spanish telecommunications company Telefonica and numerous hospitals in the UK. In Switzerland only a small number of private individuals and SMEs were affected. The focus is on the challenges which arise when systems are updated and highlights what should be borne in mind with data backups.

Increased misuse of authorities and well-known companies

In the first half of 2017, there was a significant increase in emails used to distribute malicious software which allegedly were sent by federal offices and well-known companies. This included an email which apparently came from the Federal Tax Administration (FTA) which held out the prospect of tax refunds. In another case, court summonses were sent which appeared to be from the cantonal police. Companies such as DHL, Swiss Post and Swisscom are regularly misused for emails which fake a high level of integrity.

Political events as triggers for cyber attacks

It is increasingly common for political tensions to be expressed digitally. Whereas building walls used to be sprayed with graffiti, nowadays hacktivists deface websites. This explains how discussions in Switzerland about Turkish President Erdogan lead to defacements of numerous Swiss websites. You can read how the attackers go about this in the 25th semi-annual report.

The report is published at:

Specialist staff
Last modification 02.11.2017

Top of page