CSIRT - Rapid response to cyber incidents
Immediate assistance for cyber and hacker attacks on your SME
Call us immediately in an emergency.
Businesses are seeing a significant rise in professional cyber and hacker attacks. SMEs are a popular target as their IT systems are often insufficiently protected. If you require assistance following a hacker attack, a professional response is vital as an ill-considered move may result in even further damage to the company. In order to make the right decisions under pressure and swiftly mitigate the damage to the company, you need experienced, well-trained professionals.
Should you experience a cyber emergency, call us so that our team of cybersecurity experts can immediately analyse your situation and provide guidance.
Your benefits
- Our highly trained, highly experienced cybersecurity team is available 24/7.
- Close collaboration between our cybersecurity experts and your IT partner or IT department.
- You retain control over the next steps and associated costs at all times.
When is our immediate assistance the right solution?
Out of nowhere, your IT and the daily operations of your SME are paralysed. Your online shop is no longer available, and data cannot be accessed. The only accessible document is the instructions for where to pay the ransom to escape this horror scenario. Our experienced team of experts are there for your SME for precisely this type of cyber attack. The team analyses the situation as quickly as possible and provides you with a firm basis for making informed decisions and taking appropriate action.
Why Swisscom?
- Experience: Our cybersecurity experts successfully protect our own infrastructure and those of our customers.
- Availability: Available around the clock throughout Switzerland – and not just for Swisscom customers.
- All CSIRT (Security Incident Response Team) services are from Switzerland.
Immediate assistance in the event of a cyber attack
Calls are free. The charge for using this service is calculated on the basis of time and materials plus a flat rate fee. This offer is exclusively available to companies in Switzerland.
Downloads
Swisscom’s support for SMEs in the event of a cyber attack
You have been the victim of a hacker attack
Your SME has been infected during a cyber attack, for example by ransomware. Operations come to a standstill and your data is no longer available. Your data will only be decrypted once a ransom demand has been paid.
As soon as a confirmed attack is reported by the customer, Swisscom’s cybersecurity experts analyse the attack vectors and contain the systems affected. We help you to remove malware and restore operations.
Suspect a security incident, but not entirely sure?
Your employees report that the systems are behaving strangely. This leads you to suspect a hacker attack on your SME, but you are not absolutely certain.
Our team of cybersecurity experts checks your systems thoroughly and provides an answer. If there has been an attack, we show you the steps needed to defend yourself and prevent the spread of malware. After a genuine attack, a forensic investigation provides the basis for establishing the course of action to be taken.
FAQs: cyber attacks on SMEs
What should I do if my SME has been hacked?
Report a security incident any time on our freephone number 0800 850 000. Our team of experts are available around the clock and will start to analyse the incident as soon as possible. This service is available to all Swiss SMEs, whether or not they are Swisscom customers.
Has our SME been hacked or not?
After you have reported an attack by telephone, we check whether or not there has really been an attack on your SME. Stay calm and don’t act in haste – this can often make the situation worse. If your SME has been the victim of a cyber attack, we will get to work.
Should we pay the ransom after a hacker attack – yes or no?
We recommend that you should never pay the ransom because you have no guarantee that your data will be released once the ransom has been paid. By paying the money, the cyber criminals have got what they wanted and will use it to finance more crime. Paying the ransom demonstrates that you can be blackmailed and makes you a lucrative target. Lists of companies that have previously paid ransoms are traded on the dark net. What is preventing hackers from blackmailing you again? In a case such as this, it is better to involve a team of experts with a detailed plan for dealing with this type of scenario.
Who removes the malware and restores IT operations?
Swisscom’s CSIRT (Cybersecurity Incident Response Team) is primarily concerned with analysing the attack (the attacker’s modus operandi, identifying compromised systems, etc.). Your IT partner or your company’s IT department will handle the clean-up and restoration of your IT system.
The CSIRT recommends appropriate emergency measures to prevent the attack spreading further within your systems or the escalation of a data leak. We give you a recommended course of action to effectively eliminate the threat from the affected systems.
What is the cost of defending against a cyber attack on our SME?
This is highly dependent on the type and scope of the cyber attack and cannot be answered in general terms. The costs for using this service are calculated on the basis of time and materials plus a flat rate fee. You are always given a transparent maximum charge for the next step and can decide at any point whether or not to proceed.
Wir sind mit den Ergebnissen des Well-Architected Review von Swisscom sehr zufrieden. Es hat uns geholfen den Workload zu verbessern. Zusammen mit den Cloud Architekten von Swisscom konnten wir eine Strategie entwickeln, um die IoT-Anwendung robuster zu machen und zukünftige Entwicklungen besser planen zu können.»
Product Owner, Bruker