Since 2024, Switzerland is experiencing a notable rise in cyberattacks, affecting both private companies and critical infrastructures. The number of cyberattacks is increasing, and the sophistication of methods used by cybercriminals makes the situation even more complex.
Authorities, such as the Federal Office for Cybersecurity (OFCS) former National Cyber Security Centre (NCSC), have strengthened their measures and communications around incidents to enable better protection for organisations and citizens.
The Cyber Threat Landscape in Switzerland: An Evolving Context
In 2024, the OFCS recorded approximately 63,000 incidents, nearly doubling compared to 2023. This increase is explained by the rise in sophisticated attacks and by heightened vigilance from companies, which now report more incidents. Users navigating a complex digital environment also makes detection more challenging. In 2025, although the total number of reports is slightly lower, attacks are more targeted and dangerous, emphasising the importance of staying informed and collaborating with specialists to analyse threats and manage sensitive data.
Major Trend 1: The Rise of Ransomware Attacks
Ransomware continues to pose a major threat in Switzerland. In 2024, several companies were affected by groups such as Akira or Black Basta, disrupting operations and demanding cryptocurrency ransoms. While the number of attacks slightly decreased in 2025, methods have become more sophisticated, and some cybercriminals now use AI to generate polymorphic malware variants. These developments highlight the need for Swiss companies to implement robust security strategies and rapid incident response plans.
Major Trend 2: Evolution of Phishing and Social Engineering Attacks
Phishing is on the rise. The OFCS recorded over 975,000 phishing messages in 2024, compared to less than 500,000 in 2023. These attacks often involve impersonation of major Swiss companies or fraudulent delivery notifications. In 2025, cybercriminals increasingly use AI to create deceptive messages and websites that are nearly indistinguishable from legitimate sites. Companies must train employees to detect these attempts and report any cyber incidents through official channels.
Major Trend 3: AI and Automation-Related Threats
AI and automation are changing the threat landscape. In 2024, some phishing and ransomware campaigns were already automated, allowing rapid targeting of a large number of victims. In 2025, AI-driven attacks become more precise, capable of tailoring messages according to the target, making IT security harder to maintain. Companies must anticipate these risks, secure sensitive information, and collaborate with specialists to detect and counter these new forms of threats.
Major Trend 4: Vulnerability of Supply Chains and Critical Infrastructures
Supply chains remain a significant weak point. Attacks on third-party suppliers can compromise multiple organisations simultaneously. In 2024, several incidents affected IT providers, disrupting client companies. In 2025, regulations require critical infrastructure operators to report any cyberattack within 24 hours to the NCSC, enhancing monitoring and rapid response to incidents. These measures aim to protect Switzerland’s essential networks and ensure continuity of public and private services.
Major Trend 5: Attacks on Critical Infrastructures
Since 1 April 2025, operators of critical infrastructures in Switzerland have been required to report any cyberattack to the FOCS within 24 hours of detection.
The sectors concerned include energy, drinking water, transport, healthcare, communications, public security, and cantonal or municipal administrations. The report must cover any incident that compromises operations, causes a data breach, or involves blackmail or extortion. Legal sanctions for non-compliance will take effect from 1 October 2025.
How SPIE Supports Swiss Companies in Anticipating These Trends
SPIE assists Swiss organizations by offering a proactive cybersecurity approach. SPIE specialists conduct comprehensive audits of systems and supply chains, secure sensitive data, and implement advanced threat detection solutions. Employee training is central to their approach, including phishing simulations and incident management sessions. SPIE also helps companies remain compliant with new legal obligations and improve internal communication to anticipate and mitigate the impact of Swiss cyberattacks. This integrated approach allows companies to navigate an increasingly hostile digital environment with greater confidence.