Cybersecurity for artificial intelligence and the supply chain
The Swiss Cyber Security Days covered a wide range of cybersecurity topics for private and public institutions. The global situation was also a topic at the event, which was held at BERNEXPO. However, there were two topics that stood out in particular.
Text: Andreas Heer, Picture: SCSD, Date: 13 March 2024 3 Min.
For two days, Bern was not only the capital city, but also Switzerland’s cybersecurity centre. At the Swiss Cyber Security Days, private and public organisations met with experts who deal with security in different ways – a subject that concerns everything and everyone, from the general geopolitical climate to small municipalities and businesses. And for good reason. According to various sources, the damage caused by cyberattacks in Switzerland is likely to far exceed the cost of severe weather damage: CHF 1.5 billion, compared with ‘only’ around CHF 50 to CHF 500 million for natural disasters.
Artificial Intelligence on both sides
The cost comparison figures were frequently heard in the halls of BERNEXPO. However, not surprisingly, the most common buzzword was ‘artificial intelligence’. Attackers’ use thereof is a cause of concern for cyber defence, which also relies on machine learning and AI for attack detection. Generative AI is particularly interesting for social engineering because it allows attacks that are much more precisely tailored to the victims in terms of content and tone. However, it also makes it easier to develop malware, for example, when obfuscating code. This is a development that needs to be closely monitored. Under these circumstances, security awareness and raising employees’ awareness is likely to become even more important.
However, given the geopolitical situation, the exact opposite of AI-supported attacks is just as much of an issue: targeted, tailored attacks by APT groups for cyber espionage or to cause the greatest possible damage by means of ‘wiper’ attacks. This can also affect countries and organisations that are not directly involved in acts of war. An example of this is the DDoS attacks on Swiss websites in summer 2022 or during the WEF in January 2024.
The supply chain: an important security issue
But if we look at Switzerland, there is also a need for action here. Florian Schütz, director of the new federal office, the National Cyber Security Centre (NCSC), reported that his office receives a notification of a malware infection every 40 minutes on average. Possible gateway: one of the approximately 2.5 million vulnerabilities in addresses with .ch domains identified in the CyObs Country Report 2024 for Switzerland. The most common reason for this is outdated software versions,
which is consistent with the lack of cybersecurity knowledge among smaller organisations and the limited budgets for security measures. Successful cyberattacks on such institutions can have far-reaching consequences. This is because the various organisations, from small companies, municipalities and large corporations to critical infrastructure, are closely interlinked in the supply chain. Suppliers play an important role; therefore, protecting the supply chain is central to protecting against unwanted ‘visitors’.
Working together for resilience
For cyber defence to be effective, organisations first need to know the current threat status. In the concluding panel discussion, the desire for improved dialogue between the various stakeholders was expressed several times. Such forms of collaboration already exist at different levels, for example between critical infrastructure and the NCSC. However, the keynote was that they need to be expanded to include discussions about successful attacks. After all, if cyber incidents were to be de-stigmatised, others could also benefit from the experience gained.
But not even a discussion will solve the problem that is the lack of expertise and the shortage of experts, or that an in-house cybersecurity department isn’t economically viable. This reiterated how important employee awareness is in order to prevent attacks, and that in-house experts could be replaced by a virtual team, with organisations joining forces in cyber defence or outsourcing the latter.