Cyber Incident Victim: Canton of Bern

Date: Jan 2025

Location: Switzerland

Summary

A cyberattack involving a DDoS overload disrupted federal IT systems, rendering websites, telephony, email, and specialized applications temporarily inaccessible for approximately 45 minutes. The incident, attributed to malicious actors flooding services with excessive requests, caused no data theft but prompted stabilization efforts by federal IT authorities. Post-incident analysis is being conducted by the responsible cybersecurity and IT agencies to define mitigation measures. This follows prior attacks against the federal administration, including a claimed operation by the "No Name" hacker group linked to geopolitical events.

Description

On January 10, 2025, Swiss federal web services experienced a significant disruption when a distributed denial-of-service (DDoS) attack overloaded government systems. The attack rendered multiple federal websites temporarily inaccessible and impaired internal operations for approximately 45 minutes. According to the Federal Office of Informatics and Telecommunications (BIT), the incident began suddenly, with attackers flooding systems with coordinated requests to exceed service capacity. This caused cascading failures across telephony systems, email servers, official websites, and specialized government applications. The disruption impacted routine administrative functions but did not compromise sensitive data, as DDoS attacks typically overwhelm infrastructure rather than extract information. Federal cybersecurity teams detected the anomalous traffic patterns promptly, triggering incident response protocols.

BIT technicians implemented countermeasures to mitigate the attack traffic and restore service availability within the operational timeframe. Subsequent analysis confirmed no data exfiltration occurred during the incident. The BIT collaborated with the Swiss Federal Office for Cybersecurity to investigate the attack's origin and methodologies, though no attribution details were disclosed in initial reports. This marked at least the second major cyber disruption against Swiss federal infrastructure within a year, following a 2024 attack claimed by the Russian-affiliated "No Name" hacker group. Historical context indicates persistent targeting of government digital assets, with prior incidents often linked to geopolitical events such as Ukraine-related diplomatic activities. Post-incident actions focused on forensic analysis and developing enhanced defensive measures against future volumetric attacks.
