Successful cyberattacks on established companies in Switzerland and elsewhere regularly make the headlines. Cyberattacks are becoming increasingly sophisticated, and attackers are constantly developing new methods. In addition, security gaps are constantly emerging, which companies have to close or mitigate very quickly. A recent example is the “Log4j” vulnerability, a gap in a widely-used logging tool for Java applications, which was discovered at the end of 2021 and could be exploited very easily over the internet. Many of the supervised institutions reacted quickly in order to close the gap promptly. Particularly companies that had prepared instructions and procedures for such scenarios and had tested these during regular business operations were able to deal with the incident effectively and promptly.
Supervised institutions reported a total of 145 cyberattacks to FINMA between September 2020 and September 2022. Since the publication of the last Risk Monitor, 65 attacks have been added. An evaluation of the attacks reported in the last twelve months shows that the focus of attacks has shifted from the “distributed denial of service” (DDoS) type to malware (particularly via external service providers). The most frequent method of attack was via an external service provider in the course of an outsourcing arrangement.
FINMA currently identifies the following main risk drivers in its supervisory work:
(From the Risk monitor 2022)