Patrick Brielmayer, former hacker: Analysis of the cyber attacks
Daniel Nussbaumer, Police Specialist: Assistance for victims
This concern also drives Daniel Nussbaumer. The lawyer with a PhD is the head of the cyber crime department in the Zurich Canton Police. His team now encompasses 15 detectives and 30 specialists in digital forensics, including many IT graduates. Increasing digitization has made police work more complex, since the Internet has created completely new ways to commit crimes.
According to Daniel Nussbaumer, many SMEs are affected by, for example, “CEO fraud”: Cyber criminals recreate a typical e-mail from the boss. In it, he asks for an urgent payment of CHF 5,000 to be made. But when the bookkeeping department makes the payment, it ends up with the hackers. "Usually there are complete teams behind it all," he explained. "One programs, one's good at writing and the third one does the research." The police specialist advises to always double check by calling back in the event of unusual e-mails.
Ransom for company data
Stephan von Watzdorf, Product Manager: Protect against residual risk
People are the weakest link
New offer for SMEs: Cyber Security Training
This is where Zurich Switzerland weighs in: the leading Swiss insurer offers companies more than just customized insurance solution – it is also active in the area of prevention. In addition to consultation, our offering now includes employee training.
The new program is called "Cybersecurity Training". It is made up of six training videos and six corresponding training modules with a few questions. For Cybersecurity Training, Zurich Switzerland is cooperating with the internationally renowned company SoSafe.
Protect business secrets
Entire web pages falsified
Online shops particularly at risk
When hackers plunder accounts
Once the cyber criminals are inside the network, they procure the credit card data of customers, for example, use it to buy bitcoin and charge prepaid credit cards, explained insurance expert von Watzdorf. For SMEs, the reputational damage is above all relevant, but claims for damages can also arise.
If their own money is stolen, many SMEs feel secure, which is a mistake. They believed their banks would be liable for the losses. "But that's incorrect," according to the Zurich expert. The cause in any case usually lies in the IT of the SME affected: For example, the hackers install a Trojan and observe the bookkeeper until s/he logs into their e-banking account. "The hackers then take over the session while the employee stares at a black monitor. Later he finds out CHF 100,000 have been transferred."