Hackers Target Swiss Railways, Political Parties And Retailers

A group called NSHC claims responsibility for SVP hack and SBB DDoS assault, but not a separate incident affecting

A number of Swiss organisations, including political parties, the national railway operator and online retailers, have been targeted in a series of attacks by perpetrators claiming to want to expose inadequate security measures within the landlocked country.

According to Switzerland’s Inside IT, nearly 50,000 email addresses, names and mailing lists were stolen from the country’s largest political party, the Swiss People’s Party (SVP) in an attack claimed by a group known as NSHC.

The right wing party has attracted international headlines in recent years for some of its controversial stances on immigration, most recently in its, ultimately unsuccessful, campaign to get voters to pass an initiative that would automatically deport foreigners who commit serious crimes.

DDoS attacks

“On Wednesday we were made aware that there was an attack,” party deputy general secretary Silvia Bär told SwissInfo. “We are currently looking into what exactly happened and which data could have been affected.”

Swiss Federal Railways (SBB) and a number of retailers, including electronic retailer InterDiscount, were hit by Distributed Denial of Service (DDoS) assaults.

SBB said that the online timetable service had been slowed down but critical online and rail systems had not been impacted.

“The Swiss Federal Railways website was hard to access on Monday afternoon for about an hour and in the evening for around one and a half hours due to a DDoS attack,” an SBB spokesperson is quoted as saying.

Email compromised

Swiss Railway Clock MondaineNSHC identifies as a ‘grey hat’ organisation only intent on highlighting security issues and claims to have no malicious intentions.

In an unrelated incident, the Swiss government’s Reporting and Analysis Centre for Information Assurance, known as Melani, had been hacked, with passwords of up to 6,000 email accounts stolen.

The body seeks to reduce the risks of using the Internet and its members include those active in securing systems and national infrastructure. Home users and SMBs are also members.

Melani is now asking people and companies to check to see whether they have been hacked or not and is warning these accounts could be used for fraud, blackmail and phishing scams.

Pascal Lamia, head of Melani, told German language Swiss broadcaster SRF that there is no connection with this attack and the ones allegedly carried out by NSHC.

How much do you know about Internet security? Try our quiz!