Switzerland’s Defense Department has issued a public statement on Friday that its IT department has blocked a malware related cyber attack from penetrating into the government network. However, another attack is said to have disrupted the systems of a contractor working for the foreign affairs department and the damage is yet to be accessed.
The Federal Chancellor said in the statement that some cyber crooks used the well-known Turla Malware to attack the servers of the defense department in July this year. Fortunately, the IT department sniffed the intrusion in time and prevented the malware from causing damage on a further note.
And as per the sources reporting to Cybersecurity Insiders, the defense and foreign affairs departments filed a legal complaint with the federal prosecutors and the investigation has been launched to dig further into the issue.
The Office of Attorney General Micheal Labor confirmed receipt of the complaint. But it declined to comment further.
Jean-Marc Crevoisier, the spokesperson for the Foreign Affairs Department of Switzerland said that the cyber attack against the contractor was kept away from the media for security reasons. Mr. Crevoisier added that the malware infected systems have been isolated and the staff is working on cleaning up the malware.
Note 1- Turla malware is known to infect government and military systems since 2008. In 2014, security experts detected that Turla has infected hundreds of government computers and military agencies operating across Europe and the Middle East.
Note 2-Several security experts from Kaspersky, Symantec, and Cisco Talos argue that the malware was developed by Russian Intelligence and is known as a Trojan having spying capabilities. The malware is said to spread through spear phishing emails and watering hole attacks.
Note 3- Turla Malware opens up a backdoor in infected systems that enables communications with the attackers/developers. Through this backdoor, cyber crooks can copy files from the infected computer, connect to servers, delete files, load and execute other forms of malware and on an overall note use the PC as a malware-spreading central repository.
