Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Report: Swiss Spy Agency Warns Of Huge Data Leak from Insider

According to a report from Reuters, sensitive information on counter-terrorism shared by several foreign governments was potentially compromised by a massive data theft at a Swiss intelligence agency.

The data heist, according to what European national security sources told Reuters, was by an unnamed IT technician for the NDB, a Swiss intelligence agency.

According to a report from Reuters, sensitive information on counter-terrorism shared by several foreign governments was potentially compromised by a massive data theft at a Swiss intelligence agency.

The data heist, according to what European national security sources told Reuters, was by an unnamed IT technician for the NDB, a Swiss intelligence agency.

The incident was said to have occurred last summer, resulting in the technician being arrested after he was acting suspiciously. Sources familiar with the case told the news service that the technician was later was released from prison while a criminal investigation by the office of Switzerland’s Federal Attorney General was conducted.

“Swiss news reports and the sources close to the investigation said that investigators believe the technician downloaded terrabytes, running into hundreds of thousands or even millions of printed pages, of classified material from the Swiss intelligence service’s servers onto portable hard drives,” Reuters’ Mark Hosenball reported. “He then carried them out of government buildings in a backpack.”

Intelligence services like the U.S. Central Intelligence Agency (CIA) and Britain’s Secret Intelligence Service (MI6) often shared data on counter-terrorism and other issues with the NDB, a source familiar with the investigation told Reuters. Because of this, Swiss authorities have reportedly informed U.S. and British agencies about the incident.

On the positive side, Reuters’ sources said that Swiss authorities believe that the suspect was arrested before he had an opportunity to sell the data which was found by authorities on portable storage devices.

Reuters, citing Swiss news reports, said the NDB was unaware of the incident until UBS warned authorities about a suspicious attempt to set up a new bank account that was traced to the NDB technician.

The full story from Reuters with additional background and details is here.

Advertisement. Scroll to continue reading.

Related: White House Issues National Insider Threat Policy

Related: The Psychology of the Insider Threat

RelatedCMU Researchers Release Insider Threat Security Reference Architecture

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.