A reporting obligation, however, would enable the NCSC to gain a better overview of cyberattacks that have occurred in Switzerland and shed light on the methods used by the perpetrators. This would lead to a better assessment of the threat situation and enable operators of critical infrastructure to be warned at an early stage.
Further Information
The Cyber Security Hub (CSH) is an important information system of the National Cyber Security Centre (NCSC). It is used to share and manage information on cyber threats, cyber incidents and cybersecurity practices.
Further Information
This document provides an overview of common forms of threats and their classification, as well as the types of perpetrators behind these threats.
Cyberattack – what to do? Checklist for CISOs in the event of a cyberattack (PDF, 61 kB, 16.02.2021)
Have you discovered a vulnerability in an IT system or in commercially available applications, software or hardware and want to report it? The golden rule is to inform the vendor or system owner directly. However, if these organisations do not respond to you or if their response is insufficient, the NCSC can act as an intermediary to resolve such security issues.
If you could not reach the affected organisation, report the vulnerability you found to the NCSC.
This means that the NCSC is not only the official contact point for reporting security vulnerabilities in Switzerland, but also maintains their CVE IDs for international exchange.
In case of cybersecurity problems in a company or organisation, it is very important to quickly inform the relevant security contact. Often, however, these contacts are not easy to find on websites, or are not even listed. The "security.txt" standard provides a way to publish the security contact of an organisation or company in a uniform way, thus making it quicker to find.
«security.txt»: Include your security contact on your website
In order to increase its cyber security and reduce cyber risks effectively and cost-efficiently, the Federal Administration runs bug bounty programmes under the leadership of the National Cyber Security Centre (NCSC) and in cooperation with other administrative units and Bug Bounty Switzerland AG.
The Government Computer Emergency Response Team (GovCERT) is the national specialist service responsible for the technical management of cyberincidents and technical analysis of cyberthreats.
07.11.2024 - Bericht zu Telefonbetrug im Cyberbereich
07.03.2024 - Bericht zu den Datenanalysen nach dem Cyberangriff auf die Firma Xplain
30.10.2023 -Detaillierter Analysebericht zu den DDoS-Angriffen «NoName057(16)»
23.05.2016 - Technischer Bericht zur eingesetzten Schadsoftware beim Cyberangriff auf die RUAG
