Xplain, a Swiss government software provider, has fallen victim to a ransomware attack. In doing so, federal government data was encrypted and stolen. The government also reports that its systems are bombarded with DDoS attacks.
The government reports both incidents in two separate press releases.
Hacker group Play steals data from Swiss government agencies
Switzerland has been under fire in recent days. Last week, the government reported that IT company Xplain had been hit by a ransomware attack. The cyber attack was noticed on May 23. Data was stolen and encrypted in the attack. Some of the captured data was made public on the dark web on Thursday, June 1 . Hacker group Play has claimed responsibility for the ransomware attack. The same group recently attacked a housing corporation from Zwijndrecht.
Various government agencies are customers of Xplain. Which data the hackers stole from which authorities is currently being investigated by cybersecurity experts. It is believed that ‘operational data’ has been affected. “Based on the information currently available, the federal government does not believe Xplain’s systems have direct access to the Confederacy’s systems,” the government said in a statement.
The incident has been reported to the National Cyber Security Center (NCSC). A report has also been filed with the police in the Swiss capital Bern.
Pro-Russian hacker group NoName bombards government with DDoS attack
In addition to a data breach, the Swiss government is also the target of a DDoS attack. Servers or computer systems are then flooded with data connection requests. The number of connection requests is then so high that the systems can no longer cope. The result is that services, websites and applications respond excruciatingly slowly or stop working altogether.
The government reports that several federal government websites have been shut down by the DDoS attacks. The central government website is still working. The NCSC is investigating the attack and is taking ‘appropriate measures’.
According to the government, the pro-Russian hacker group NoName is behind the DDoS attack. The same group was responsible for the cyber attack on the website of the Swiss parliament last week. The reason for that attack was that parliament was discussing at the time whether Switzerland should give up its neutrality in the conflict between Ukraine and Russia or not to send goods to the Eastern European country.