During the lockdown in particular, cyberattacks became much more frequent and more intensive. For example, the distribution of malware increased, as did the number of phishing mails. Since August 2020, moreover, many of the supervised financial institutions informed FINMA about so-called DDoS attacks on their infrastructure. These “distributed denial-of-service” attacks attempt to disrupt the availability of an internet service by bombarding it with queries. In all cases, these attacks were accompanied by blackmail letters in which a bitcoin payment would have to be made in order to prevent a subsequent attack. This wave of blackmail attempts was not aimed exclusively at companies in the financial sector and was a global phenomenon.
Cybercrime overall is on the rise. This can potentially go as far as cyber sabotage of critical infrastructure, or the disclosure of stolen information. Moreover, the attackers are becoming increasingly professional and well organised. This makes it all the more important –but also more challenging – to prevent and combat the attacks effectively.
A successful cyberattack can have serious consequences for the functioning of the Swiss financial centre. It may, for example, delay the provision of a financial service or even render it impossible. For the financial markets to function properly, institutions that provide integrated or interlinked services are particularly important – e.g. financial-market infrastructures, critical-service providers of key IT systems for the financial centre, and systemically important financial institutions. A successful attack on an institution of this kind could prove damaging both to other financial institutions and the Swiss economy as a whole. The reputational damage would be significant, and confidence in the Swiss financial centre would be undermined.
(From the Risk monitor 2020)