07.11.2024 - Cyberthreats are increasing significantly: so far this year, the National Cyber Security Centre (NCSC) has received, on average, a cyberincident report every 8.5 minutes. With 34,789 cyberincidents reported to the NCSC in the first half of 2024, numbers have almost doubled compared to the same period last year. The increase is due in particular to a massive rise in fraud attempts, which at 23,104 cases account for two thirds of all reports. Most of these cases involve telephone fraud, as explained in a separate report.
The Cybersecurity 2024/1 report, covering the first six months of this year, sets out the current cyberthreat situation. The latest figures underline the importance of the NCSC's tasks. As of the end of October, the NCSC was receiving a report of a cyberincident from members of the public and businesses every 8.5 minutes via its reporting form.
Fraud attempts dominate incoming reports
In the first half of 2024, the NCSC received 34,789 reports of cyberincidents. This is almost double the figure for the same period last year. The increase in relation to fraud is particularly striking: 23,104 cases, accounting for two thirds of all reported incidents. The number of fake calls purporting to be from government authorities stands out in particular: in 13,730 cases, fraudsters posing as government employees tried to persuade their victims to install remote access software. NCSC analyses these cases in a separate report, which is published together with the half-year report.
Marked increase in phishing messages
The NCSC also recorded a significant increase in relation to phishing. With 6,643 reports in the first half of 2024, the number is around 2,800 cases higher than in the same period last year. Fraudsters mainly rely on fake messages relating to parcel deliveries and bogus refunds supposedly from well-known companies, such as the Swiss Federal Railways (SBB), or from the tax authorities. A currently widespread approach involves 'chain phishing', a snowball-like distribution of phishing emails, in which phishing messages are sent to everyone in the address book after an email inbox has been infiltrated.
Introduction of mandatory reporting of cyberattacks
Around 90 per cent of reports to NCSC come from private individuals, the remaining 10 per cent from businesses. These reports are all voluntary. In order to gain a better understanding of the cyberthreat situation, a reporting obligation for cyberattacks will be introduced for operators of critical infrastructures in the course of 2025.
Your opinion matters to us
We would like to know your opinion on the content of the current semi-annual report, so that we can better adapt such products to your needs in the future.
Last modification 07.11.2024