In 2021, Check Point Research (CPR) security experts recorded a significant 65% surge in attacks on corporate networks within Switzerland. This trend particularly impacts SMEs, as Nicolas Mayencourt, founder and CEO of cybersecurity firm Dreamlab Technologies, warns.
Driven by the pandemic and exacerbated by the conflict in Ukraine, the frequency and severity of cyberattacks have seen a continuous upswing in recent years, at times causing spectacular damage. For instance, in June 2023, a wave of coordinated offensives targeted not only the military and federal administration but also Geneva's airport, numerous cities, and various businesses. These attacks, progressively more professional and often automated, are also becoming increasingly costly for companies. Globally, experts estimate that their financial toll will surpass 10 trillion Swiss francs by 2025. In 2022 alone, Swiss companies reported 34,000 cases, with one in every three SMEs already having encountered such threats. Nicolas Mayencourt, founder and CEO of Dreamlab Technologies, shares insights into the challenges presented by this predicament.
Why are Switzerland and its SMEs prime targets for cybercriminals?
Nicolas Mayencourt: Switzerland boasts prominent pharmaceutical and electronic industries and is one of the world's primary financial hubs. We are practically the global leader in commodities trading and one of the main host countries worldwide. Consequently, Switzerland remains a prime target for cybercriminals. However, our country is ranked only 42nd in the Global Cyber Security Index of the International Telecommunication Union (ITU), behind countries like Tanzania or Kazakhstan.
Despite an increasing awareness due to a series of significant incidents, many SMEs do not see themselves as potential targets or do not grasp the extent of the damage caused by these attacks. Since they don't perceive the cyberspace, they often underestimate the severity of the damage, underestimate their vulnerability, and fail to implement necessary defense measures. However, the number of malicious programs in circulation is constantly increasing, with over 400,000 new variants emerging every day.
What are the potential consequences of a cyberattack?
Mayencourt: Countless companies find themselves grappling with a complete shutdown of their operations spanning several days, and in certain cases, even weeks. Core functions like email communication and internal networks become inaccessible, triggering paralysis within accounting and customer service departments. Moreover, the theft of customer data poses a significant predicament. Cyberattacks also possess the capability to tarnish a company's reputation, resulting in compensation claims and damages arising from industrial espionage.
Are particular economic sectors more affected than others?
Mayencourt: We are witnessing a shift in criminal activities towards targets that are relatively less protected, such as SMEs. For cybercriminals, the appeal of ransomware-as-a-service (RaaS) has surged significantly. This enables virtually anyone to deploy software designed to immobilize computers or files, subsequently demanding a ransom in exchange for restoring access, all without necessitating a high degree of technical expertise. RaaS toolkits are conveniently available for rent on the Dark Web, with 24/7 customer support, for just a few hundred francs. Furthermore, an increasing number of criminals are now targeting entire supply chains. Rather than attacking the ultimate end target directly, the strategy revolves around infiltrating all the suppliers and vendors associated with a company, thereby enhancing the likelihood of identifying potential vulnerabilities.
Given that SMEs lack the resources of larger corporations, what strategies can they adopt to ensure a minimum level of protection?
Mayencourt: The encouraging news is that even with limited resources, safeguarding against cyberattacks is feasible. This can be achieved by ensuring consistent updates and proper configuration of software and firewalls, alongside raising awareness among employees. Undoubtedly, the human factor remains pivotal. Well-trained staff members serve as the most potent weapon in the battle against cybercrime.
You addressed the Cyber parliamentary group in Bern last year. How can both the Confederation and the cantons promote the overall protection of SMEs?
Mayencourt: It is imperative for public authorities to assume a degree of responsibility in safeguarding Swiss SMEs, while simultaneously bolstering their own security measures. Setting a precedent in this regard would unequivocally serve the collective interest of Switzerland, given that the nation's competitive edge is inextricably linked with the performance of these enterprises. There exists a potential to establish a set of binding regulations that govern the actions, rights, and obligations of SMEs concerning cybersecurity. Additionally, public entities could introduce an incentivizing system, partially or entirely offsetting the investments required to construct adequately secure information systems within SMEs. Furthermore, the State should outline and undertake diverse cybersecurity missions, analogous to its role in safeguarding airspace, national borders, and critical infrastructures.
