Swiss websites hit by DDoS attacks during World Economic Forum in Davos

Swiss websites were hit by a wave of distributed denial-of-service (DDoS) attacks this week, likely orchestrated by pro-Russian hackers.

According to the Swiss National Cybersecurity Centre (NCSC), the attacks temporarily disrupted access to several websites run by the Federal Administration — the government's executive branch.

“The cyberattack was promptly detected and the Federal Administration's specialists took the necessary action to restore access to the websites as quickly as possible,” said NCSC’s statement.

DDoS attacks are aimed at making websites unavailable but do not result in any data being lost or compromised.

A Russian politically-motivated hacker group known as NoName claimed responsibility for the attacks on its Telegram channel.

The gang is notorious for its DDoS attacks, primarily targeting financial institutions, government websites, or transportation services in European countries that support Ukraine during its war with Russia. The hackers’ motives align closely with pro-Kremlin interests.

NoName linked its recent attacks on Switzerland to Ukrainian President Volodymyr Zelensky's attendance at the World Economic Forum in Davos.

“While the Davos forum plans to destroy Russia, we have already taken action and are destroying Swiss websites,” the hackers said.

In addition to government websites, they also claimed to have targeted local airports, railways, hotels and restaurants.

Cyberattacks on Switzerland were anticipated leading up to Zelensky's visit, according to the NCSC. The agency claimed to have alerted critical infrastructure operators about the threat, urging them to implement necessary precautions. The Federal Administration had also adopted the required security measures.

“Hackers generally use such attacks on website availability as a means of gaining media attention for their cause,” the NCSC said.

NoName consistently targets Switzerland, citing various reasons for its attacks, including sanctions imposed on Russia, the visits of Swiss state officials to Ukraine and the government and military aid provided to support Kyiv's war efforts.

In total, NoName has likely conducted over 1,500 DDoS attacks since March 2022, according to a recent report. The group uses free or low-cost public cloud and web services as a launchpad for DDoS botnets that flood target web servers.

Following the attacks on Switzerland, the group claimed it was turning its focus toward Estonia.