Summit on Peace in Ukraine: first NCSC report on Cyber Situation Network
Bern, 20.06.2024 - Even before the Summit on Peace in Ukraine got under way, cyberattacks on the conference and network infrastructure in Switzerland were expected. A number of cyberattacks were then confirmed, but they were all detected early and quickly averted. In order to jointly counter the expected cyberattacks, Switzerland set up a Cyber Situation Network coordinated by the National Cyber Security Centre (NCSC). Today, the NCSC published an initial review of the work of the Cyber Situation Network.
Large events and international conferences are often used as opportunities for cyberattacks. This was the case with the Summit on Peace in Ukraine, which took place on 15–16 June at the Bürgenstock resort and was attended by delegations from almost 100 countries. Even in the run-up to the event, cyberattacks on the conference and network infrastructure in Switzerland were expected.
Broad-based situation network
Switzerland launched a Cyber Situation Network as a joint approach to combat the expected cyberattacks. This was coordinated by the NCSC as a public-private partnership with almost 100 experts from national and cantonal authorities and private sector organisations. The broad support provided by the Cyber Situation Network was crucial in building cyber resilience ahead of the conference and enabling a rapid and effective response to cyber threats that attempted to disrupt the event. Cooperation was smooth at all times, thanks to the high level of commitment and thorough preparation of all those involved. The NCSC stood down the Cyber Situation Network on the evening of Sunday, 16 June.
Initial assessment by the NCSC
Switzerland experienced a number of cyber incidents shortly before, during and briefly after the summit. These included several DDoS attacks attempting to overload the websites of authorities and organisations involved in the summit, which were clearly perpetrated by the pro-Russian hacktivist group 'NoName057(16)'. They were within the expected range and caused only minor disruption to IT infrastructures. However, at no time was there any threat to the IT systems or data of the summit itself or the organisations involved in its organisation. The NCSC is currently still detecting individual DDoS attacks on targets in Switzerland. It can be assumed that the situation will normalise again in the coming days. There were also digital intrusion attempts against the IT systems of the cantons involved, Nidwalden and Obwalden, and a number of phishing attacks against employees of Lucerne's medical emergency call centre. The technical problems experienced during the live broadcast and the power outage on Sunday in the Bern region were not cybersecurity incidents.
The NCSC has published a report with an initial assessment of the work of the Cyber Situation Network and an overview of cyber incidents related to the Summit on Peace in Ukraine.
Address for enquiries
NCSC Communication
media@ncsc.admin.ch
+41 58 465 53 56
Publisher
National Cyber Security Centre
https://www.ncsc.admin.ch/ncsc/en/home.html
General Secretariat DDPS
https://www.vbs.admin.ch/
Last modification 08.12.2020