Yesterday evening, the Swiss Television program Rundschau showed in a special report that the networks of the now split RUAG (a Swiss company specialised in aerospace engineering and the defense industry) are still extremely vulnerable 5 years after the big hack. This vulnerability is a threat to Switzerland's national security, as the RUAG network interfaces with various military, official and police institutions. In particular, the article shows the inadequate protection of the soon-to-be-privatised RUAG International, which continues to have active interfaces with the Swiss MRO arm of RUAG at various points in its IT infrastructure.
Of course, the enormous complexity of unbundling and securing the RUAG networks must be taken into account when discussing these still serious security deficiencies. Nevertheless, it is extremely worrying how easily, according to Rundschau, hackers can still move around RUAG’s networks today and thus access critical data – especially considering the far-reaching importance of the RUAG network for numerous system-critical Swiss institutions (e.g. Swisstopo, the Polycom security radio system, Armasuisse, the Federal Customs Administration, the National Cyber Security Centre or the Federal Intelligence Service).
Regardless of whether external attackers have once again penetrated RUAG's network, or whether the hack was engineered by a dissatisfied employee, for example – which would also be problematic from a security point of view – we are of the opinion that:
It must be our ambition to be able to guarantee control over the trustworthiness, integrity, availability, transmission, storage and processing of data from within Switzerland. Fortunately, Switzerland has a very active and internationally successful ecosystem in the area of cyber security, also thanks to its strong technical universities, which can help to protect the system-critical Swiss infrastructure from national and international hacker attacks. Our Network Detection and Response solution can make a decisive contribution to this by detecting attacks that would remain undetected by common prevention measures before they cause damage to the network.
Expert assessment by:
Dr. David Gugelmann, CEO and Founder of Exeon Analytics AG:
The author: David Gugelmann, CEO and Founder of Exeon