17.06.2024 - As expected, the overload attacks continue even after the conclusion of the high-level conference on peace in Ukraine. The websites of the organisations involved in the conference are still being targeted. The National Cyber Security Centre is monitoring the situation and is in contact with the organisations concerned.
Update: Even after the conclusion of the high-level conference on peace in Ukraine, the overload attacks on websites of organisations involved continue
Announcement of 16 June 2024 - 12:30 pm
Update: Power cut in Bern: technical failure and not a cyber incident
16.06.2024 - 12:30 pm - According to the latest information, the power outage in Bern this Sunday morning was a technical fault and not a cyberattack. All of the Confederation's mission-relevant systems and the systems of the organisations involved in the high-level conference on peace in Ukraine are working perfectly.
Announcement of 16 June 2024 - 10:15 a.m.
Update: Overload attacks on websites of involved organisations continue due to the high-level conference on peace in Ukraine
16.06.2024 - As expected, the overload attacks due to the high-level conference on peace in Ukraine are continuing today, Sunday. The main targets are the websites of the organisations involved in the conference. The National Cyber Security Centre is monitoring the situation and is in contact with the organisations concerned.
The cyber attacks have no impact on the security of those affected or the organisation of the conference. Individual websites may be temporarily unavailable due to DDoS attacks. Such attacks do not result in direct damage to IT infrastructures or a threat to data security.
The IP addresses currently used for DDoS attacks against Swiss targets are published by the NCSC on its Github page. A large proportion of the IP addresses used in the attack belong to legitimate VPN service providers that were misused by "NoName057(16)" for DDoS attacks.
As far as the alleged problems with the live transmission during yesterday's press conference at the Bürgenstock are concerned, this was a technical failure which, according to the NCSC current state of knowledge, was not due to cyber attacks.
Announcement of 15 June 2024
Update: Overload attacks on federal websites and organisations involved due to the high-level conference on peace in Ukraine continue
15.06.2024 - Today, Saturday, before the start of the high-level conference on peace in Ukraine, the overload attacks continue as expected. Targets continue to be federal websites and organisations involved in the conference. The National Cyber Security Centre is monitoring the situation and is in contact with the organisations affected.
Those attacks have no impact on the security of those affected or the organisation of the conference. DDoS attacks make individual websites temporarily unavailable. Such attacks do not cause any direct damage to IT infrastructures.
Announcement of 14 June 2024
Update: Further overload attacks on federal websites and organisations involved due to the summit on peace in Ukraine
14.06.2024 - The overload attacks in connection with the Summit on peace in Ukraine are continuing today, Friday, as expected. Federal websites and organisations involved in the summit are again affected. The National Cyber Security Centre is monitoring the situation and is in contact with the organisations affected.
The "NoName057" group, which already targeted the websites of Swiss authorities and organisations in June 2023 and January 2024, has again claimed responsibility for the overload attacks in connection with the summit on peace in Ukraine.
There were isolated minor outages due to the attacks, but these were within the expected range. They had no impact on the security of those affected or the organisation of the summit.
Announcement of 13 June 2024
First DDoS attacks on federal government websites and those of organisations involved in the Summit on Peace in Ukraine
13.06.2024 - A first distributed denial-of-service (DDoS) attacks on various federal government websites and organisations involved in the Summit on peace in Ukraine began this morning. The attacks were expected and are presumed to be in connection with the summit. They resulted in minor outages which were within the specified tolerance. The operation of the affected units was not significantly affected.
The DDoS attacks are intended to impact the availability of websites. The security of data and systems was never at risk. Hacktivists use such cyberattacks to launch disruptive manoeuvres in cyberspace to spread political messages and attract attention.
The attacks are within the expected range and there is currently no acute danger.
The NCSC will provide regular updates.
Further information:
Last modification 17.06.2024