class=”sc-29f61514-0 fQbOYE”>
The cyber attack on the IT company Xplain also has unpleasant consequences for the federal government. The alleged Russian group Play is behind the attack on the Bern-based company, which also provides IT services to the federal government.
Data from Fedpol and the Federal Office for Customs and Border Security (BAZF) fell into the hands of cybercriminals. Because Xplain refused to pay the ransom in consultation with the federal government, they ended up on the Darknet in two installments.
At the end of June, the Bundesrat set up a crisis team to investigate the data theft. It must be ensured “that this outflow of data does not continue and that such a thing is no longer possible in the future,” says Federal Councilor Karin Keller-Sutter (59).
Federal government mail
All IT service providers who work for the federal government have now received mail from the federal government, writes Inside IT. The two-page letter available to the portal contains “information and recommendations on information security”. The letter was signed by Pierre Broye (59), director of the Federal Office for Buildings and Logistics (FOBL), and Thierry Vauthey (58), head of public procurement.
In the letter, the federal government reprimands the addressee companies. They must be able to guarantee the confidentiality, integrity and availability of systems, data and information. It also states that the handling of data and information must be traceable.
Five points
“We assume that your company will comply with contractual obligations and regularly inform itself about current cyber threats and the associated countermeasures,” the authorities write. Finally, the BBL administrators list five points that IT companies employed by the federal government must adhere to.
The service providers should be committed to ensuring multi-factor authentication on all systems. They are also prohibited from using unencrypted passwords and from storing non-anonymized productive federal data.
In addition, companies should implement and apply a post-use test data disposal procedure. Network traffic should also be monitored and employees working outside the company should be “forced” to use a VPN connection.
“Inform the federal administration immediately”
Last but not least, an incident response process is required. It allows businesses to respond to IT threats such as cyber-attacks, security breaches and server failures. Last but not least, central logging on systems and applications is required to evaluate log files regularly.
If companies are unable to meet these security requirements or discover weaknesses or issues, contract partners in the federal government should be notified immediately and the National Center for Cybersecurity should be contacted. (Okay)
Source:Blick
I am Liam Livingstone and I work in a news website. My main job is to write articles for the 24 Instant News. My specialty is covering politics and current affairs, which I’m passionate about. I have worked in this field for more than 5 years now and it’s been an amazing journey. With each passing day, my knowledge increases as well as my experience of the world we live in today.
