'%20id='ico-down'%20stroke='%23000000'%20stroke-width='1.5'%3e%3cg%20transform='translate(1092.250000,%20254.750000)'%3e%3cpolyline%20id='Path-2-Copy-4'%20transform='translate(5.500000,%202.750000)%20scale(1,%20-1)%20rotate(-180.000000)%20translate(-5.500000,%20-2.750000)%20'%20points='0%200%205.5%205.5%2011%200'%3e%3c/polyline%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e){kind=small}
The University of Neuchâtel website was functioning again on Friday evening following a cyberattack but an investigation continues into the scope of the problem. The university is the latest Swiss institution to fall victim to a cyber attack.
“The attack comes from a malicious software that can automatically generate a message on the workstations saying that some files have been encrypted,” said the university in western Switzerland on Friday evening on its website. The IT system found that there had been encryption.
After the first signs of the cyberattack late on Thursday, the university in western Switzerland took security measures, including blocking all its computer systems, Nando Luginbühl, head of its press office, confirmed on Friday. This made it impossible to work or study.
The university said on Friday evening that it wasn’t possible to know if any data had been intercepted and IT teams were still looking into the scope of the problem, contain it and reactive other services.
There has been a recent upsurge in cyberattacks in Switzerland. Price comparison website Comparis was shut down in July by attackers demanding $400,000 (CHF370,000) to put it back online. At the time, a Comparis spokesperson told SWI swissinfo.ch that no ransom had been paid.
The Stadler rail company, defence contractor RUAG, and the canton Vaud municipality of Rolle have also been targets.
Companies warned
Meanwhile, the National Cyber Security Centre has sent a registered letter to 130 companies and local authorities urging them to install security patches for Microsoft Exchange Servers, which are used to manage emails, meetings and contacts, for example.
“The security vulnerabilities in Microsoft Exchange Servers, which have been known for a long time, are being actively exploited by cybercriminals to install encryption Trojans,” it said, referring to a term for ransomware.
The National Cyber Security Centre said it had emailed over 4,500 businesses and local authorities last year about the security vulnerability and included instructions on how to remedy it. But “despite several follow-up attempts, not all affected parties have yet taken the necessary action”, it said.
Keystone-SDA/jc