A hacker group believed to be from North Korea appears to be currently targeting cybersecurity experts. Google security researcher Adam Weidemann from the Threat Analysis Group warns of this in his blogpost. He believes that attackers are targeting multiple companies and security professionals to capture more information about vulnerabilities in IT products.

Hackers disguise themselves as security researchers

The procedure is interesting and perfidious: The hackers pose as security researchers. To do this, they built up their own community and used a research blog as a front to increasingly exchange information with authentic security researchers via direct messages by also recycling the work of other security researchers. It was therefore a targeted attack via social engineering to first gain the credibility of other security researchers.

In some cases, the contact was made via Twitter, with the supposed security researchers offering cooperation and drawing attention to recently discovered exploits. The perpetrators then sent a manipulated Visual Studio project, which is usually used to develop and test software code. The code review software was then typically used to inject malware onto the victims' computers, which in turn could connect to a command-and-control server owned by the hackers.

Another method was to spread malicious code via one's own blog using malicious links. As Google warns, Windows 10 systems with Chrome browser were up to date at that time and thus not immune to attacks.

More details about fake accounts in the Google Threat Report

Source: blog.google/threat-analysis-group

Inattention is one of the most common causes of traffic accidents. According to the survey, every third person in a car on Swiss roads is distracted. This is the result of a recent survey by the Swiss Council for Accident Prevention (BFU). The high numbers are problematic for road safety, the consulting agency complains.

According to the report, distraction is still one of the most frequent causes of accidents. This is not without reason: Every year, around 60 people are killed on Swiss roads as a result of carelessness. 1100 people are seriously injured. For the first time, the BFU has conducted a representative survey. Distracted driving is particularly common among pedestrians. Half of them do not pay attention to the traffic when crossing the road.

Distraction as a high accident risk

Those who are distracted on the road increase their risk of accidents and also endanger other people, the BFU writes in its statement. "The most dangerous activities are those in which the eyes are directed away from the road, for example writing a message on the cell phone or reaching for objects in the car," BFU expert Hertach is quoted as saying. Writing a text message increases the risk of an accident sixfold.

The five most important tips for safe driving: 

• Avoid multitasking - at the wheel, on foot and on the bike
• Keep your cell phone in your pocket - no matter how you travel
• Always keep an eye on traffic
• Program navi in car before driving
• To do something important while driving: stop briefly

Cell phone as the most common cause of distraction

The study also shows that cell phones are used most frequently. According to the BFU, 5 percent of drivers use their cell phones in the car. Despite the hands-free system, they type on the cell phone or look at the display. What is striking is that the younger the person, the more often they were distracted in traffic.

"Every tenth person between the ages of 15 and 29 looked at their cell phone or typed on the device while crossing a street on foot," explains the head of the BFU survey. The cell phone is rarely used on a bicycle, but the wearing of headphones often leads to distraction.

Source: AAIB

At the conclusion of a sensational trial, French-Israeli commodities trader Beny Steinmetz was found guilty last Friday by the Geneva Criminal Court of bribery of foreign public officials and forgery of documents. In its verdict, the court stressed that Steinmetz had "participated in a decisive manner in the corruption scheme."

The affirmations of the defense lawyers played no role in the whole affair, as Pulic Eye writes in a statement. Thus, the Geneva judges sentenced the billionaire to five years imprisonment and to pay compensation of fifty million Swiss francs for bribes of almost ten million dollars to Mamadie Touré, the fourth wife of the ex-president of Guinea Lansana Conté. With this "corruption pact," Beny Steinmetz Group Resources (BSGR) allegedly secured the concession for the gigantic iron ore deposits of Simandou. Steinmetz's lawyer has already announced an appeal against the verdict.

Example of perfectly lubricated wheels of international corruption

The spectacular trial, which Public Eye attended, shed a "harsh light" on the "perfectly lubricated wheels of international corruption," with one of the world's poorest countries suffering. The trial revealed the devastation wrought by the opaque offshore structures that private individuals, companies and corporations use to conceal their illegitimate or illegal activities in countries with weak rule-of-law structures.

BSGR systematically concealed its corrupt practices via the Geneva-based consulting firm Onyx Financial Advisors. Its then managing director was also in the dock and was sentenced to two years' probation and ordered to pay 50,000 Swiss francs. The intermediary of BSGR in Guinea, a Frenchman who was in direct contact with Mamadie Touré, has to serve three years and six months behind bars and pay five million francs to the state. Thus, all three links in this classic chain of corruption were held accountable - something that happens very rarely.

This conviction of a top company official sends a strong signal to the entire extractive industry, Public Eye is convinced. It also underlines the urgency with which Switzerland must close its legal loopholes that facilitate such criminal business practices.

Source: Public Eye 

The Inter Association for Rescue Services (IVR) revised the so-called "rescue chain" at the end of November, which systematically shows the care of patients in medical emergency situations. Increasing changes in the rescue system have taken this into account. In the past, for example, organized first aid, which is usually provided by company paramedics and first responders, was not included, the association writes in a statement. The revised chart now includes eight chain links assigned to four phases. These include the stages Readiness, preclinical, clinical and Outcome.

In the phase Readiness preparation for actual emergency events usually takes place in the company. The Sensitization aims to recognize the emergencies and provide assistance. This criterion is addressed to the whole population, especially to the employer.

In the phase Preclinical emergency assistance is now no longer the first priority. Here, professional alerting of the emergency call centers comes first. This is due to the fact that ambulance services have long since ceased to function primarily as rescue services, and the longer they are in operation, the more they are able to guide and support spontaneous first responders with qualified assistance. This also includes the disposition of bridging measures, for example by first responders or company paramedics.

New icon: Impact measurement

After the third phase clinic - medical care - newly completes the phase Impact measurement the rescue chain. This last instance of the rescue chain symbolizes the continuous efforts to strengthen the individual links in the chain - according to the motto: A chain is only as strong as its weakest link. However, this basic principle cannot be evaluated without an effective data basis, as the IVR further states. The last link should always include all systematic improvement approaches, but also science-oriented development.

According to the Inter Association for Rescue, emergency care should be understood as a "composite task of many stakeholders" and an integrating, systemic role. It should be possible for all individuals and organizations involved in the care of emergency patients to find themselves represented in this chain, according to the IVR.

Source: www.ivr-ias.ch 

Amazon, Microsoft and DHL: cybercriminals usually exploit the brands and logos of particularly large companies for phishing attempts. This is nothing new per se. However, since more and more companies are retreating to the home office, a new trend in this direction seems to be emerging, as the Israeli security researchers from Check Point have shown in their "Brand Phishing Report. for the fourth quarter of 2020. As in the third quarter of 2020, the most frequently abused brand was Microsoft. 43 percent of the phishing attempts investigated related to the tech giant. DHL ranked second with 18 percent.

Old phenomenon with increasing tendency

"Users need to be wary of entering personal data and credentials for business applications, and should think twice before opening email attachments or links. This is especially true right now when emails appear to come from large companies such as Microsoft, DHL or Amazon," said Maya Horowitz, Director, Threat Intelligence and Research, Products at Check Point.
Software Technologies.

In the case of brand phishing, cyber crooks usually use a similar-sounding domain and make their website look deceptively real. This often redirects users to a scam website via a different-sounding link. The victims then usually land on a fake website that contains a form asking for login data, payment data or other personal information.

Top Phishing Brands in Q4 2020:

1. Microsoft (in 43 percent of all brand phishing attempts worldwide).
2. DHL (18 percent)
3. LinkedIn (6 percent)
4. Amazon (5 percent)
5. rakuten (4 percent)
6. IKEA (3 percent)
7. google (2 percent)
8. PayPal (2 percent)
9. chase (2 percent)
10. yahoo (1 percent)

View the full report on brand phishing attempts in the fourth quarter of 2020

Source: Check Point 

The demand for protective masks remains high. Unfortunately, there is also an increasing number of counterfeit or unusable protective masks in circulation. As Swiss Safety warns its members in a press release, there is a danger that counterfeit certificates will be used. While at the beginning of the pandemic it was mainly the KN-95 masks that were in demand, in the meantime it is mainly the FFP2 masks that are in demand and which are already the order of the day in Bavaria, for example.

In the meantime, such a fake certificate has also appeared on the Swiss market: False, for example, is the listing of a certain "Certificate of Conformance" that appears in the fake seal of approval.

The correct designation would be "EU Type Examination Certificate".

Swiss Safey advises to check the certificates carefully when purchasing FFP masks and to make sure that an "EU Type Examination Certificate" with the corresponding type examination is given.

Drones are easy to use, relatively cheap, fly fast and can carry loads. They are a popular hobby for many Europeans, and industry is also using them. Drones are also a new, fast-growing topic among security agencies in European countries, and the range of drones available on the market is growing rapidly. However, this is also associated with the need for further training and data protection. Numerous authorities and organizations with security tasks already use drones, for example police authorities and fire departments. Among other things, drones can be used before an attack squad is sent to search for people in a collapsed building; this can save the need for rescue workers to be deployed at the risk of their lives. In addition, drones are inexpensive and a crash can be tolerated. The use of drones by police authorities is conceivable, for example, in the search for missing or wanted persons, the temporary surveillance of buildings and squares, the coordination of police operations, the escorting of meetings or the preservation of evidence.

The opportunities that could arise from the use of drones are still largely unexplored. Companies in a wide range of industries have long since recognized the benefits and potential of commercial drone use, for example for the use of delivery drones by large logistics groups. In the area of security authorities, drones can avoid expensive helicopter missions.

The current and future legal situation

Due to the Corona crisis, the new EU drone regulation, which should have come into force in July 2020, has been delayed. The European Commission is currently planning to bring the new European drone regulation into force on January 1, 2021. The background to the postponement is the wish of some EU member states, which are facing an additional burden due to the consequences of SARS-CoV-2 and therefore need more time to implement the regulations. The new legal regulations of the European Union for Aviation Safety (EASA) aim to define uniform regulations for the operation of drones throughout Europe. A Dronespace app will also give drone pilots the ability to determine in real time whether or not their flight is permitted at the selected location. A dedicated tool will make it easier for drone users to find out the right type of permit for their particular drone.

Drones in the Corona Crisis Drones that control Corona exit restrictions and call for people to stay home have already become common practice in some places outside Europe. In China, drones are being actively used in the containment of the Corona pandemic. In recent weeks, for example, several pilot tests have been carried out there to spray disinfectant against the corona virus in public areas. Drones originally used to spray pesticides were adapted for this purpose. Other attempts at drone deployment have included deliveries of medicines and food to remote Corona quarantine areas. Drones are also being used to deliver supplies, including medicines, to people in Russia during the Corona crisis.

Drones are being used in the Corona crisis in Switzerland, Italy, Spain, France and Germany. The Geneva Cantonal Police, for example, says it uses drones because they provide a view from above to better observe the presence of groups of people in public spaces. A spokesman for the Geneva cantonal police said, "Drones also make it possible to fly over places that are difficult to access." Anti-Corona announcements, however, were not yet made by the Geneva drones.

The Zurich cantonal police and their colleagues in St.Gallen have so far ruled out a Corona drone deployment. Only very few cantons currently have an explicit legal basis regulating the use of drones by Swiss security authorities. As far as the evaluation and deletion of image recordings is concerned, the usual data protection rules apply. Moreover, according to Swiss federal regulations, drones must always be flown on sight.

In the USA, in the state of Connecticut, the first tests of a pandemic drone designed to detect people infected with the coronavirus from the air, at a distance of up to 58 meters, took place in April. Australian scientists were also involved in the development of the drone by a Canadian manufacturer. The goal of this new technology is to provide real-time data to the relevant authorities. The tactic is this, to distinguish healthy from sick people by having the pandemic drone measure people's vital signs from a distance. It is equipped with sensors to measure body temperature and heart and breathing rates of the targeted people. Besides, it can also detect various actions such as sneezing and coughing. In addition, the drone can also be used to locate crowds and check for compliance with distance rules.8 From a data protection perspective, it can be argued that these drones do not collect personalized data and are not capable of identifying people, facial recognition should not be used.

In Germany, the use of drones to control restrictions imposed in the fight against the coronavirus is still rather an exception. In North Rhine-Westphalia, ten police agencies tested the use of two drones each. These were used, among other things, to search locations and warn people at popular gathering points via loudspeaker of the health risks of too close proximity. This is comparable to announcements made by a patrol car. A spokesman for the Düsseldorf police emphasized that the drone's camera was not used to identify individuals, and people's reactions were "quite positive," with many showing interest in the technology.

Examples of threat scenarios

Since 2013, headlines about incidents involving drones have been increasing. In September 2013, a drone crashed a few meters from German Chancellor Angela Merkel during an election campaign event in Dresden. In October 2014, a drone pulled a flag for the establishment of a Greater Albania through the Serbian stadium in Belgrade during the European Championship qualifying match between Serbia and Albania; the match had to be abandoned due to violent riots by fans in attendance. In April 2015, a drone carrying radioactive material landed in Tokyo on the official residence of the Japanese prime minister; its pilot wanted to use it to demonstrate against nuclear power. In May 2017, a packed Swiss Airbus narrowly escaped a potentially fatal collision with a drone flying far too high and without authorization as it approached Zurich.

Threat scenarios at airports

The greatest potential danger posed by drones to air traffic in Europe is the large number of hobby users. The Unmanned Aerial Vehicles Association estimates that there are more than one million drones in Germany alone, of which only 20,000 are used commercially. According to data from the U.S. IT market research firm Gartner, more than three million drones worth at least six billion U.S. dollars were reportedly sold worldwide in 2017 alone.11 The private use of drones weighing up to a maximum of 25 kilograms has only been regulated since July 2019 by EU Regulation 2019/947. Legally, drones should not get in the way of commercial aircraft by prohibiting entry into areas near airports and imposing altitude restrictions.12 However, the closures of walking space in London in late 2018 and Frankfurt in early 2019 have shown what can happen when drones are flown near airports unknowingly or with the intention of disrupting air traffic. As early as 2016, a British study showed that commercial aircraft can be critically damaged by drones weighing four kilograms or more.13 Helicopters and small aircraft are even more susceptible to collisions with drones. Because of their range of operations, helicopters are often flying at such low altitudes that they can collide there with drones that adhere to the applicable altitude restrictions.

The majority of drone use in restricted areas such as airports happens accidentally or out of ignorance. Reconnaissance, geofencing of drones and signage on the ground are suitable means of prevention. In the case of a terrorist attack with drones, however, warnings and criminal consequences do not help; then the ability of security authorities to detect and defend against drones is called for. People who are aware of the illegality of their use of drones may, for example, be dismissed employees or people who have always wanted to paralyze an airport or film an aircraft at close range.

Terrorist threat scenarios

Easy and inexpensive access to drones opens up new attack opportunities for terrorists. For example, a drone carrying an explosive device could approach a large event with thousands of people crowded together in a confined area. Possible targets for drones carrying explosive devices include amusement parks, concerts, airports, train stations, ships, football games, Christmas markets, events, the Vienna Prater, church conventions, Christopher Street Day, Fridays for Future, ministries, government agencies, universities, and security agency training and education facilities in order to weaken the personnel future of these agencies.15 Even a single drone scattering white powder over a marketplace or pedestrian mall could cause mass panic with the suspicion of a biological or chemical weapon injuring and/or trampling people to death. The following terrorist scenarios using drones as an effective means are possible: attacks on individuals such as public figures, representatives of the state, or crowds. Attacks on critical infrastructures (water and energy suppliers) or facilities with high risk potential (industrial facilities such as chemical companies). It is also possible to conduct perpetrator observation of police operations (deployments of police and military special forces) in order to scout and exploit tactical weaknesses.

Conclusion and outlook

Drones are valuable tools for industry, police, firefighters and rescue services. But drones also pose risks, especially for manned aviation. Here, efficient drone detection systems must be developed and deployed to protect sensitive infrastructures such as airports from drones. It would also be important to have a central national and international collection point for an overview of security-related incidents concerning the preparation, attempt or execution of the use of drones as a means of committing crimes. The technical development of drones and drone detection systems is advancing rapidly, and the European states and the European Union must act with legal foresight and enact legislation that minimizes the threats posed by drones.

In the 2020 financial year, Gebäudeversicherung Kanton Zürich reported an estimated total loss amount of 57.6 million Swiss francs. In the previous year, the total damage sum amounted to 37.3 million francs. The additional 20.3 million Swiss francs are mainly attributable to the two storms "Petra" and "Sabine" that hit in the spring of 2020. Both fire damage and natural hazards increased dramatically again in 2020.

Last year, Zurich Building Insurance processed a total of 10,473 claims. In the previous year, the figure was 2838, with 1235 fire claims and 9,238 natural hazards claims. According to the GVZ, the total estimated fire damage amounts to 40.3 million Swiss francs, while natural hazards amount to a hefty 17.3 million Swiss francs. In the previous year, natural hazards accounted for six million francs. Fire damage amounted to 31.3 million francs in the previous year.

The loss figures are shown on the Website of the GVZ Gebäudeversicherung Kanton Zürich. The figures are provisional. GVZ will publish the definitive business figures for 2020 at the end of April 2021.

Source: GVZ

"The Allianz Risk Barometer 2021 is clearly dominated by the Covid 19 trio. Business interruption (BU), pandemic and cyber are strongly interlinked and demonstrate the growing vulnerability of our highly globalized and interconnected world," said Joachim Müller, CEO of AGCS. "The coronavirus pandemic reminds us that risk management and business continuity management must continue to evolve to better equip organizations to withstand and survive extreme events. While the pandemic continues to keep a tight grip on many countries around the world, we need to prepare for more frequent extreme scenarios - such as a global cloud outage or cyberattack, natural disasters due to climate change, or even another disease outbreak."

The Covid 19 crisis continues to pose an imminent threat to individual safety and businesses - with the consequence that the risk has displaced other threats worldwide and risen 15 positions to No. 2 in the rankings, according to the Allianz media release. Before Corona, the pandemic risk had never been higher than 16th place in the ten years of the Allianz Risk Barometer. This shows that it was a significantly underestimated risk. In 2021, however, it is the top risk in 16 countries and also among the top three risks on all continents and in 35 of the 38 countries analyzed, it says.

Top hazards in Switzerland

In Switzerland, too, business interruption (1st place with 58% of responses), cyber incidents (56%) and pandemic outbreak (48%) dominate the ranking - with Swiss companies rating the risk of a cyber incident (2nd place) even higher than the consequences of the pandemic (3rd place). One place lower than last year in 4th place (24%) are legal changes such as trade wars and tariffs, protectionism and economic sanctions. Also new in the top ten, bucking the global downward trend, is the risk of climate change/increasing weather volatility, which ranks 7th (12%).

Pandemic drives operational disruption - now and in the future

BU risks have been at the top of the Risk Barometer seven times before, and they are now returning to No. 1, having been replaced by cyber incidents in 2020. The pandemic shows that extreme BU events of global proportions are not just theoretical, but a real threat that can lead to massive revenue losses and disruptions to production, operations and supply chains, he said. 59% of respondents cited pandemic as the main cause of BU in 2021, followed by cyber incidents (46%) and natural disasters, fire and explosions (around 30% each).

BCM as the most important measure

According to Allianz, the pandemic thus joins the growing list of BU scenarios without preceding property damage, such as cyber or power outages. "The consequences of the pandemic - broader digitalization, more work from home and the growing dependence on technology in companies and society - are likely to increase business interruption risks in Switzerland in the future," explains Christoph Müller, Country Manager AGCS in Switzerland. In response to increased BU vulnerability, many companies are looking to make their operations more resilient and their supply chains more robust, he said. According to Allianz Risk Barometer respondents, improving business continuity management is the top action companies want to take (62%), followed by developing alternative or multiple suppliers (45%), investing in digital supply chains (32%) and improving supplier selection and vetting (31%).

Cyber dangers intensify

Cyber incidents, he said, had dropped to No. 3 in the global ranking, but remained a top threat with more percentage responses than in 2020 and still ranked as a top 3 risk in many countries, including Switzerland (No. 2). The pandemic-driven acceleration toward more digitization and home offices also further exacerbates IT vulnerabilities, he said. Covid-19-related malware and ransomware incidents increased by more than a third in 2020, according to Interpol, and phishing and fraud incidents increased by as much as half. Ransomware attacks, already common, would continue to increase. They are increasingly targeting large enterprises with high extortion demands, as the latest AGCS report on cyber risk trends shows.

"Covid-19 has shown how quickly cybercriminals can adapt. The digitalization push from the pandemic has created new opportunities for attacks. New cyber damage scenarios are constantly evolving," says Catharina Richter, global head of the Allianz Cyber Center of Competence at AGCS.

The annual survey by Allianz Global Corporate & Specialty (AGCS) incorporated the views of 2769 experts from 92 countries, including CEOs, risk managers, brokers and insurance professionals.

For more information on the Allianz Risk Barometer 2021 here.

Honeywell has published a study showing that a majority of workers in buildings with more than 500 employees in the U.S., U.K., Germany and the Middle East do not feel completely safe at work. The number is even higher among employees who increasingly work from home offices (75 percent), it said. According to the survey, employees are particularly sensitive to criteria such as air quality and compliance with safety lines during the pandemic. Fifty-six percent of the 2,000 employees surveyed expressed concern about becoming infected through airborne transmission rather than touching surfaces.

More top measures desired

Many respondents even believe that buildings with outdated ventilation systems are more dangerous than colleagues who do not follow safety guidelines. Specifically, more than half of employees believe that building management has not taken the necessary steps to ensure workplace safety, the release further concludes.

In England, Germany, the United Kingdom and the Middle East, users expect employers to have to invest more in building technology in the future. Other top measures that employees want more of include Social Distancing concepts or mandatory masks, followed by health screening protocols or body temperature checks, and improved cleaning procedures. No survey results are currently available for Switzerland.

To the full report 

Source: Honeywell

A nationwide exercise from Nov. 11 to 13 examined how Switzerland could withstand a prolonged terrorist threat and what aspects would be at the forefront. According to a statement by the federal government, a total of around 2,000 executives from 70 federal and cantonal staffs took part in the exercise as part of the Swiss Security Network (SVS) (SVU 19) participated.

Uniform management processes for police corps

Operationally, Switzerland would be able to cope well with a terrorist threat situation. However, some weaknesses in crisis management were also identified. For example, internationally binding command and control processes in the police corps and uniform operational orders are to be created. In addition, the strategic situation picture is to be standardized with a condensation of all technical issues in order to make it suitable for all types of crises. In addition, crisis communication at the political level is to be included in an upcoming exercise. Also taking into account the results from the pandemic response, the Federal Council intends to discuss an overall plan for large-scale exercises by mid-2021.

A total of 15 recommendations have been submitted to cantonal conferences of the justice and police departments as well as to the military and civil defense. The cantons have already taken note of the report at the autumn meeting of the KKJPD on 12 November 2020 and at the plenary meeting of the RK MZF on 30 November 2020 and are in the process of implementing it. The Federal Council, however, mandates the implementation of eight of the recommendations, for which the federal agencies have the lead.

Source: Federal Council

The Swiss Society for Emergency and Rescue Medicine (SGNOR) is calling for rapid nationwide vaccination of staff in all hospitals in Switzerland to reduce the number and means of serious illnesses and deaths. Especially the nursing staff should now be provided with vaccinations quickly, demands the Society of Emergency and Rescue Medicine. In a statement, the SGNOR calls for a cross-cantonal strategy for the risk group. The further vaccinations should now be administered to the nursing staff promptly, supra-regionally and throughout Switzerland. Paramedics and emergency physicians are particularly exposed.

"Our employees have been on the Covid 19 front for almost a year. Depending on the canton, they are vaccinated earlier or later," complains Prof. Aristomenis Exadaktylos, co-president of SGNOR. From SGNOR's point of view, the Conference of Health Directors (GDK) must immediately establish clear and uniform regulations for the prioritization of vaccination. Should this not succeed at the level of the cantons, the federal government must act, SGNOR demands.

Source: SGNOR