Switzerland's Security Situation: Hybrid Threats Require Fundamental Defense Strategies

Switzerland's security environment is becoming more complex from year to year, as reported by the Federal Intelligence Service (FIS) [Nachrichtendienst des Bundes (NDB)] in its annual report “Swiss Security 2024”. Of particular concern are international terrorism, current military conflicts, and increasing cooperation between various autocracies that cooperate at a political and military level. This development also, directly and indirectly, impacts cyber security in Switzerland, as cyber-attacks by state and non-state actors are becoming increasingly frequent and complex.

The “Report on Switzerland's Security Situation 2024” shows that Switzerland is exposed to external threats due to global instability and geopolitical tensions. Key challenges include Russia's war in Ukraine, rising authoritarianism, terrorism, and cyber threats, all of which contribute to an unpredictable security environment. Cyber security threats are increasing: APTs, ransomware, and state-sponsored espionage, bringing risks to critical infrastructure and demanding a continuous upgrade of digital defense systems. Switzerland must adapt to protect its national interests by increasing cyber resilience, raising public awareness, and strengthening international cooperation.

Cyber-attacks in a new dimension

Cyber security plays a central role in national defense now and in the future, as critical infrastructures such as energy supply, transport, and water supply are becoming increasingly digitalized and, therefore, more vulnerable to cyber-attacks. Ransomware (software that encrypts data and only releases it in exchange for ransom or political concessions) is considered by the FIS as a primary factor threatening the security of critical infrastructures through cyber-attacks.

According to the FIS, attacks that are “only” aimed at financial gain also pose an acute threat. These attacks are often carried out by cyber criminals who exploit vulnerabilities in IT systems to disrupt critical infrastructures or steal sensitive data. Another - politically motivated - problem area is hacktivists, who use distributed denial of service (DDoS) attacks to paralyze websites and online services. In 2024, for example, the websites of various Swiss companies and authorities were affected by several DDoS attacks during the peace summit for Ukraine on the Bürgenstock. While these attacks were previously mainly aimed at attracting attention, the FIS warns that they could develop into targeted sabotage attempts that cause lasting damage to IT systems.

The threat of cyber espionage also remains high. As there are many worthwhile espionage targets in Switzerland, intelligence services worldwide are looking for ways to gain access to sensitive data, innovations, and technologies through cyber-attacks and data theft. The FIS currently sees the greatest espionage threat to Switzerland in the Russian intelligence services.

Focus on critical infrastructures

Attacks aimed at the increasingly digitalized processes in critical sectors such as energy, transport, and water supply pose a significant risk. The NDB sees cyber-attacks on critical infrastructures as a growing problem, as older industrial control systems in essential service sectors are particularly vulnerable to cyber-attacks due to their generally inadequate security measures. Groups such as the pro-Iranian Cyber Av3ngers have already been able to exploit vulnerabilities and will continue to do so.

Direct acts of sabotage by foreign states have not yet been confirmed, but collateral damage from international cyber-attacks could also affect Swiss infrastructures. The increasing interconnectedness of critical infrastructures and the deep national and global integration and complexity within the hardware and software supply chain also increase the risk of a failure of this infrastructure. Vulnerabilities in third-party software or suppliers have already led to significant ransomware attacks in various sectors and the disruption of specific business processes that depend on third parties or the publication of data and information from a supplier or service provider. As even indirect cyber-attacks can cause far-reaching disruption, the FIS classifies the risk of indirectly falling victim to an attack as “increased” for critical infrastructures in Switzerland.

Preventive measures for greater cyber security

Switzerland's state, institutions, and companies must continuously adapt their cyber security strategies to prevent growing hybrid threats. This includes awareness, regular security checks, closing vulnerabilities in software and systems, and using the latest technologies, such as artificial intelligence, to detect threats.

Close cooperation between public institutions and private companies is also crucial for strengthening cyber security at a national level. The NDB advises sharing information on current threats and jointly developing prevention measures. Another priority is to raise public awareness of phishing and social engineering issues to prevent attacks aimed at human error at an early stage.

Speaking of preventive measures: for detailed defense strategies, we have developed a 24-page guide on detecting and combatting advanced threats. Download your copy for more.