Swiss IT infrastructure has ‘2.5 million vulnerabilities’ – SWI swissinfo.ch

“That’s definitely too much. Switzerland is not doing its job properly when it comes to cybersecurity,” said IT expert Marc Peter when asked by the Keystone-SDA news agency. Peter is a professor at the University of Applied Sciences Northwestern Switzerland and CEO of Dreamlab Technologies.

The study into Swiss cyberspace was presented on Tuesday on the occasion of the Swiss Cyber ​​Security Days. The company Dreamlab Technologies used the CyObs software solution to scan the “external attack surface” and inventory all IT infrastructures connected to the Internet.

Around a million of these potential vulnerabilities were classified as critical or high. “These are vulnerabilities that are documented and known to hackers,” said Peter. These are security gaps in software that have already been discovered, reported and listed in a database.

According to the investigation, the security gaps affect all areas. An analysis carried out by Dreamlab a year ago showed that in Switzerland the financial sector was particularly well protected, while research, education and healthcare brought up the rear.

“Even the federal administration is affected,” said Peter. In the current investigation, the experts found various gaps in “admin.ch” websites. According to the IT expert, most of the security gaps in the Internet infrastructure of the Swiss federal administration can be traced back to outdated versions of software products.

These security gaps could be exploited by cybercriminals, for example to blackmail people or companies, steal industrial secrets or publish fake news, as Peter explained.

“It’s like going on vacation as a private individual without closing the windows of your apartment,” said Peter. According to the expert, politicians as well as private individuals and companies must address these security problems.

Translated from German by DeepL/mga