Categories: Politics

Letter after hacker attack on Xplain: The federal government lectures its IT service providers

class=”sc-29f61514-0 fQbOYE”>

1/5
The federal government requires security by letter from IT service providers who carry out assignments for this purpose.

The cyber attack on the IT company Xplain also has unpleasant consequences for the federal government. The alleged Russian group Play is behind the attack on the Bern-based company, which also provides IT services to the federal government.

Data from Fedpol and the Federal Office for Customs and Border Security (BAZF) fell into the hands of cybercriminals. Because Xplain refused to pay the ransom in consultation with the federal government, they ended up on the Darknet in two installments.

At the end of June, the Bundesrat set up a crisis team to investigate the data theft. It must be ensured “that this outflow of data does not continue and that such a thing is no longer possible in the future,” says Federal Councilor Karin Keller-Sutter (59).

Federal government mail

All IT service providers who work for the federal government have now received mail from the federal government, writes Inside IT. The two-page letter available to the portal contains “information and recommendations on information security”. The letter was signed by Pierre Broye (59), director of the Federal Office for Buildings and Logistics (FOBL), and Thierry Vauthey (58), head of public procurement.

In the letter, the federal government reprimands the addressee companies. They must be able to guarantee the confidentiality, integrity and availability of systems, data and information. It also states that the handling of data and information must be traceable.

Five points

“We assume that your company will comply with contractual obligations and regularly inform itself about current cyber threats and the associated countermeasures,” the authorities write. Finally, the BBL administrators list five points that IT companies employed by the federal government must adhere to.

Advertisement

The service providers should be committed to ensuring multi-factor authentication on all systems. They are also prohibited from using unencrypted passwords and from storing non-anonymized productive federal data.

More about cybercrime
State secrets on the dark web
Hacker attack turns into a super meltdown
E-voting and patient file
Here too, the federal government wants our data
IT security expert explains
Why Switzerland is a “top target” for hackers
Hooligan data on the dark web
Now the federal government is threatened with a wave of lawsuits

In addition, companies should implement and apply a post-use test data disposal procedure. Network traffic should also be monitored and employees working outside the company should be “forced” to use a VPN connection.

“Inform the federal administration immediately”

Last but not least, an incident response process is required. It allows businesses to respond to IT threats such as cyber-attacks, security breaches and server failures. Last but not least, central logging on systems and applications is required to evaluate log files regularly.

If companies are unable to meet these security requirements or discover weaknesses or issues, contract partners in the federal government should be notified immediately and the National Center for Cybersecurity should be contacted. (Okay)

Advertisement

Source:Blick

Share
Published by
Livingstone

Recent Posts

Terror suspect Chechen ‘hanged himself’ in Russian custody Egyptian President al-Sisi has been sworn in for a third term

On the same day of the terrorist attack on the Krokus City Hall in Moscow,…

1 year ago

Locals demand tourist tax for Tenerife: “Like a cancer consuming the island”

class="sc-cffd1e67-0 iQNQmc">1/4Residents of Tenerife have had enough of noisy and dirty tourists.It's too loud, the…

1 year ago

Agreement reached: this is how much Tuchel will receive for his departure from Bayern

class="sc-cffd1e67-0 iQNQmc">1/7Packing his things in Munich in the summer: Thomas Tuchel.After just over a year,…

1 year ago

Worst earthquake in 25 years in Taiwan +++ Number of deaths increased Is Russia running out of tanks? Now ‘Chinese coffins’ are used

At least seven people have been killed and 57 injured in severe earthquakes in the…

1 year ago

Now the moon should also have its own time (and its own clocks). These 11 photos and videos show just how intense the Taiwan earthquake was

The American space agency NASA would establish a uniform lunar time on behalf of the…

1 year ago

This is how the Swiss experienced the earthquake in Taiwan: “I saw a crack in the wall”

class="sc-cffd1e67-0 iQNQmc">1/8Bode Obwegeser was surprised by the earthquake while he was sleeping. “It was a…

1 year ago