Swiss Government and Bank System Under Siege

Pro-Russian Cyber Group “NoName” Attacks and Leaves Unresponsive Dozens of Swiss Websites

On Monday, June 12, 2023, the Swiss government and several state-linked companies fell victim to a series of cyber-attacks, rendering their websites inaccessible. The finance ministry of Switzerland confirmed the incident, stating that federal administration specialists were quick to notice the attack and are working to restore accessibility to the affected websites and applications as soon as possible.

The cyber-attack, identified as a distributed denial-of-service (DDoS) attack, was claimed by a pro-Russia threat group called NoName. This group specializes in launching such attacks against Ukrainian and European organizations. Notably, NoName also claimed responsibility for a similar attack on the Swiss Parliament that took place on June 7-8. As of today, June 15, the group continues to carry out their attacks.

NoName has been actively sharing updates on their attacks through their Russian and English-speaking Telegram channels. They have claimed responsibility for taking down the websites of various Swiss federal agencies, state-linked companies, and even city websites. Some of the targeted websites include the Swiss Ministry of Justice and Police, the Swiss Federal Office for Customs and Border Security, the Swiss Federal Police Office, and the Ministry of the Interior of Switzerland.

In addition to government websites, NoName has also targeted transportation-related websites such as the Swiss railway company Südostbahn (SOB), Swiss Post, and several Swiss airports, including Geneva International Airport and Bern Regional Airport. The group has also attacked websites of Swiss financial institutions, including the Swiss Association of Private Bankers, the association of Swiss securities firms, and the Swiss bank Julius Bär.

One of the pictures NoName shared on their Telegram channel

On June 14, NoName published a post in support of Europeans who protest “against the sponsorship of Bandera at the expense of EU taxpayers”. They claimed to have taken down the official website of the city of Geneva in response to a planned video chat between Ukrainian President Zelensky and the Swiss Parliament.

As of June 15, NoName continues to share updates on their DDoS victims, including the official website of Switzerland and the website of the Zurich transport association ZVV. The group has also targeted SwissID, a website used to confirm the identity of Swiss citizens.

rEvil and Killnet(?) promise to take down European Bank System

In a recent development, a video has surfaced, allegedly from rEvil and Killnet members, claiming plans to take down the entire European banking system within the next 48 hours. The situation remains critical as the Swiss government and state-linked companies continue to face cyber threats from NoName and potentially other threat groups.

The vide has been originally shared on Mash Russian media Telegram channel

vx-underground has posted a comment on the video saying: “Since when did REvil ransomware group go on camera and publicly disclose their plans prior to attack? And why is “REvil” wearing a Slipknot mask?”. We can’t disagree with it 🙂

If you liked this article, we advise you to read our previous article about Rhysida and DarkRace: Two New Ransomware Threats. Follow us on Twitter and LinkedIn for more content.

Stay up to date with exposed information online. Kaduu with its cyber threat intelligence service offers an affordable insight into the darknet, social media and deep web.