Swiss cyberspace: over 2.5 million potential vulnerabilities

The results of a scientific study of the Swiss cyberspace, including all publicly connected IT infrastructures, were presented yesterday at the Swiss Cyber Security Days. Over 2.5 million potential vulnerabilities were identified, of which over one million were classified as critical or high-risk, according to the company Dreamlab Technologies.

Nicolas Mayencourt, CEO of Dreamlab Technologies, and Professor Marc K. Peter presented a report that sheds light on what a nation or a cybercriminal would see when scanning Swiss cyberspace for potential attacks. The scan, made possible by the CyObs software solution, measures the external attack surface and catalogs all IT infrastructures (such as servers and firewalls) connected to the Internet. This comprehensive analysis provides an overview of the potential vulnerabilities in Swiss cyberspace, the so-called attack surface.

The most important findings from the CyObs Report 2024:

• 3,235,826 active IPv4 addresses assigned to Switzerland and 1,885,471 active domains were found.
• 2.5 million potential vulnerabilities (based on metadata or software version numbers), of which 421,735 are classified as critical and 727,557 as high.
• Only 18.9% of the servers for active domains are located in the Swiss IP range; 81.1% of the servers are located outside Swiss cyberspace.
• Only around 13.4 % of DNS servers are located in the Swiss IP range; 86.6 % of servers are located outside Switzerland. They provide DNS services for 50.9% of the domains in Swiss cyberspace.
• Only 29.4% of mail exchange servers are located in Swiss cyberspace. They offer mail services for 59.4% of the domains.

Potential vulnerabilities include unsupported operating systems with known vulnerabilities, outdated firewalls, unprotected databases, vulnerable websites susceptible to password theft, connected industrial devices without upstream firewalls that contain vulnerabilities, and FTP servers.

781 Weaknesses in the federal administration

In Swiss cyberspace, the scan discovered 604 active domains and 439 active IPv4 addresses associated with the Swiss Federal Administration (admin.ch). The scan uncovered 781 potential vulnerabilities, of which 18 % were classified as critical and 25 % as high. The majority of the critical potential vulnerabilities in the Internet infrastructure of the Swiss Federal Administration are due to outdated versions of OpenSSH and Apache HTTPD.

In their keynote, Nicolas Mayencourt and Marc K. Peter highlighted Switzerland's potential to implement basic cyber hygiene practices in its national cyberspace. They emphasized that initiating a public discussion on national cybersecurity is the beginning of developing a comprehensive national cybersecurity strategy.

Priority for digital rights

This discourse is crucial for shaping the foundations of the digital society by prioritizing digital rights, privacy and product safety in the political and economic investments that are necessary for citizens in the course of the digital transformation.

The research report on Swiss cyberspace with a foreword by Major General Simon Müller, head of the Swiss Armed Forces Cyber Command, is available at www.cyobs.com/switzerland for free download.