MELANI semi-annual report: cybersecurity situation during the coronavirus

The 31st semi-annual report of the Reporting and Analysis Centre for Information Assurance (MELANI) addresses the most important cyberincidents of the first half of 2020 both in Switzerland and abroad. The current report focuses on the coronavirus pandemic, which has been used to entice victims in many cyberattacks.

Cyberplayers regularly adapt their attacks to major events that attract large media coverage, such as natural disasters. This was also the case with the current COVID-19 pandemic in the first half of 2020. The attackers used a wide variety of methods to deceive potential victims or spread malware, including false promises of information about the virus, how to order masks while stocks were low and notifications of online orders. The semi-annual report highlights the various types of cyberattacks that have been carried out in connection with the pandemic.

Industrial control systems targeted by ransomware

However, not all cyberattacks were related to the coronavirus. In the first half of the year, there was again an increase in ransomware attacks. In these cases, the attackers encrypt data and then demand a ransom from the victim for the release of the data. Up to now, attacks with encryption Trojans have targeted the IT infrastructure of the victims and usually only affected control systems collaterally. In the first half of 2020, a ransomware was discovered which had been specially designed to attack process controls in industrial control systems. Such attacks can have devastating consequences on businesses and the general public.

National contact point operational

Since the beginning of this year, the National Centre for Cybersecurity (NCSC) has been the central point of contact for businesses, the general public, public authorities and educational institutions when it comes to cyberissues. The contact point receives reports of incidents in a uniform manner, checks them, forwards them to the appropriate office and makes recommendations to those who submitted reports on how to proceed. A total of 5,152 reports were registered in the first half of 2020. Attempts to commit fraud accounted for the largest share, with more than half of all reports, 825 of which alone concerned emails with advance payment scams. The statistics on the received reports are published weekly on the NCSC website.

On our own behalf

This is the last time that the MELANI semi-annual report is being published under this name. MELANI became part of the NCSC when the Ordinance on Protecting against Cyber-Risks in the Federal Administration came into force on 1 July 2020. As a result, the NCSC will in future also publish the report on the most important cyberincidents.

The 31st MELANI semi-annual report is available at:

Specialist staff
Last modification 20.01.2021

Top of page