Second NCSC semi-annual report focuses on vulnerabilities

02.11.2021 - The NCSC's second semi-annual report deals with the most important cyberincidents of the first half of 2021 in Switzerland and internationally. The main topic is dedicated to vulnerabilities in IT systems that can be exploited to carry out cyberattacks.

Vulnerabilities in hardware and software make welcome attack targets if the vulnerable components are not updated promptly with patches. The MS Exchange Server vulnerabilities as well as Sonic Wall, PrintNightmare and QNAP NAS are just a few examples that are highlighted in the current focus topic.

Expanding vulnerability management

The NCSC is expanding vulnerability management so that security vulnerabilities can be disclosed in a coordinated manner on a single platform (coordinated vulnerability disclosure), but also to give those who discover security vulnerabilities the opportunity to report their findings anonymously to a public authority. In addition, the public is informed about critical security vulnerabilities that are in circulation and receives support in the form of appropriate security measures. In order to detect security vulnerabilities, the NCSC provided close support in the first half of 2021 for the test phase of the infrastructure for the Covid certificate and the first bug bounty pilot programme in the Federal Administration.

Most common reports of fraud

In the first half of 2021, the majority of reports to the NCSC again concerned various forms of fraud. In particular, CEO fraud, fake support calls and classified ad fraud were reported very frequently. Investment fraudsters are currently luring people with promises of enormous profits when investing in cryptocurrencies. The NCSC's contact point received a total of 10,234 reports of various cyberincidents during the reporting period. This is almost twice as many as in the first half of 2020. The reasons for this sharp increase are twofold: firstly, the introduction of the NCSC's new reporting form and its prominent placement on the homepage and, secondly, several large waves of attacks involving fake sextortion and phishing.

Increase in reports of ransomware and phishing

The high number of reported incidents involving encryption Trojans, i.e. ransomware, is also striking. The number has tripled from 32 cases in the first half of 2020 to 94 cases in the current reporting period. Qlocker ransomware, which mainly targeted private individuals and QNAP network storage devices, was behind the majority of these cases.

The NCSC also recorded a significant increase in phishing reports. While in the first half of 2020, 497 reports of phishing were submitted via the reporting form, in 2021 there were 2,439 reports in the same period. This represents an almost fivefold increase. This was mainly due to the higher number of reports of emails and text messages with bogus parcel notifications, which have increased significantly in recent months.

Last modification 02.11.2021

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/aktuell/im-fokus/hjb-21-1.html