Faced with the increase in cyber attacks, the Confederation created the Federal Cybersecurity Office (OFCS). This entity deals with hundreds of cases every day and even counts on hackers to strengthen its defense. Unpublished immersion.
The premises of the OFCS, located in the center of Bern, are not visually distinguished, but the constant noise of the keyboards betrays a fierce fight against cybercriminals.
In 2024, the OFCS recorded 63,000 cyber attacks and digital fraud, an increase of 28% compared to the previous year.
>> Lire : Every eight minutes, the Federal Cybersecurity Office receives a threat announcement
Consumer window
For online scams touching the general public, a counter has been set up. Reports can be made via the site of the Confederation or by email. Each day, between 300 and 400 messages on average are received, ranging from simple questions to concrete alerts.
“The major part, almost 60%, are fraud, such as websites that do not deliver the goods paid”, notes Bibien Limido, member of the countertop team, in the morning of Friday.
The types of fraud vary depending on the season, he continues. “At the end of the year, they are rather linked to Black Friday, for example, while in summer, they concern airbnb or holiday apartments.”
Financial damage can reach a million francs, especially in cases of fraud linked “to the investment of money or cryptocurrencies”, specifies the analyst.
>> On the subject, read: A wave of “crypto kidnappings” touches France
Emergency support for hospitals and banks
As in other countries, Switzerland keeps a particularly attentive eye on so -called critical infrastructure: hospitals, power plants or financial institutions.
These entities must also report cyber attacks since April 1, to better know the phenomenon in order to better counter it.
Olivier Müller, technical analyst in charge of processing these reports, offers support to affected companies. “I call them and, for example, for a case of ransomware which implies an exfiltration of data, I advise to disconnect the backup discs,” he said. In the most critical cases, the team can even go there.
The office is limited to emergency aid because it is not allowed to compete with private cybersecurity companies.
>> Review the Cybersecurity Forum debate in Switzerland with Philippe Dourassov, EPFL student and world cybersecurity champion, and Pauline Meyer, doctoral student in specialized law on the cybersecurity of critical infrastructure:
Detect flaws
But the OFCS does not have only a firefighter role. He also tries to anticipate attacks. Monitoring systems make it possible to identify certain threats in advance. He also created a platform to identify digital flaws within the administration and, more generally, in the whole of Switzerland.
Lorenzo Pirondini is working on the management of vulnerabilities: “Ads are made by external security researchers who would have identified a vulnerability in a product developed in Switzerland or widely used in Switzerland. We have the necessary legal bases and then announce them either to critical infrastructure or to make publications for the public.”
The OFCS also counts on the help of computer hackers of a particular type: “we have 34 participants called ethical hackers”, reports Lorenzo Pirondini, himself a former ethical hacker.
“My job is to do with what we have”
The office has 67 employees, far for example of the 1,700 of its homologous office in Germany.
The Director of Ofcs Florian Schutz puts greatly on digitalization and artificial intelligence, as well as on collaborations for more efficiency.
However, he admits that additional means would not be refusal: “We could do more. But on the other hand, it is politics that decides on the means. My job is to do the maximum with what we have.”
Mathieu Henderson/juma
