Sat, Jan 6th 2024
Swiss Air Force data compromised

A supplier to the Swiss Department of Defense has been targeted by hackers, leading to a significant leak of Swiss Air Force data. This breach has resulted in sensitive documents being unlawfully distributed on the darknet, with suspicions pointing towards a Russian origin for the attackers.
A staggering volume of data has been compromised in this breach. As Swiss Radio and Television (SRF) reported, hackers might have stolen tens of thousands of documents from Ultra Intelligence & Communications, a prominent US defense firm. Around 30 gigabytes of partly sensitive and classified Swiss Air Force documents have been uploaded to the dark web, making them publicly accessible.
In the wake of this critical incident, the Federal Department of Defense, Civil Protection and Sport (DDPS) has been actively addressing the situation. A spokesperson informed the Keystone-SDA news agency that Armasuisse and the Defense Group were promptly notified about the cyberattack. The DDPS believes that the operational systems of the Swiss armed forces have not been affected by this malware attack.
The compromised data includes a significant contract between the DDPS and Ultra, valued at nearly five million dollars. This contract was essential for the Swiss Air Force’s encrypted communications technology. Email correspondence and payment receipts related to these transactions have also been found on the dark web.
While the DDPS spokesperson provided limited details, they acknowledged Armasuisse’s business relationships with various Ultra companies. To date, the primary type of data leaked has been commercial, but the investigation into the full extent of the incident is still underway.
The hacker group ALPHV, known for its significant global presence, has claimed responsibility for this ransomware attack, which reportedly took place at the end of December 2023. Cybersecurity experts suggest that ALPHV could have Russian origins.
Ultra’s involvement in the defense industry extends beyond the Swiss Air Force. Its client list includes other defense companies such as Ruag, as well as international agencies like the FBI and NATO. This widespread client base highlights the potential global impact of the breach.
This incident marks the third significant cyberattack on Swiss federal data within the past six months. Previous incidents involved ransomware attacks on Swiss companies Xplain and Concevis, both of which have connections with the DDPS and other federal organizations.
In conclusion, the recent cyberattack on Ultra, leading to the unauthorized release of Swiss Air Force data on the darknet, serves as a stark reminder of the continuous cyber threats facing national security infrastructures. The ongoing investigation underscores the importance of enhanced cybersecurity measures to safeguard sensitive defense information.
©Keystone/SDA