20 years of fighting cybercrime

To celebrate 20 years of SWITCH-CERT, five experts discuss the past, present and future of IT security.

Published on 15.09.2016

For 20 years, SWITCH's Computer Emergency Response Team (CERT) has been hunting down viruses, worms and other digital pests.

How was this done in the early days? How is it done now? What challenges will SWITCH-CERT face going forward? Five experts shed light on the importance of IT security and what it involves from a variety of viewpoints. Hannes Lubich recounts the history of Internet security, Martin Leuthold explains the general security issues we need to be aware of these days, Michael Hausding tells us why the registry is so crucial to security on the Internet, Silvio Oertli outlines the importance of the universities with regard to cybercrime, and Frank Herberg illustrates how the cybercriminals of the future might be able to exploit seemingly insignificant information.

Hannes Lubich, Professor of Computer Science at the University of Applied Sciences Northwestern Switzerland and co-founder of SWITCH-CERT:

"We were tasked with building trust."

Hannes Lubich is an old-school IT security specialist. He tells us how it used to be: "I was a researcher at ETH Zurich, and it was entirely normal for me to log into other people’s systems at the weekend and correct any mistakes I found." Elaborate security processes simply did not exist back then. The main tasks were obtaining information and building trust.

Hannes Lubich

Martin Leuthold, Head of Division, Security at SWITCH since 2016:

"Security must shake off its image as a hindrance."

The Internet now generates turnover in the region of CHF 80 billion, and that is just the tip of the iceberg. As the digitalisation of society and business progresses, so does the professionalisation of cybercrime. To show just how true this is, the UK's National Crime Agency estimates that its country's losses due to cybercrime are set to be higher than those due to physical crime for the first time this year. Martin Leuthold is thus convinced that today's IT security methods will not be enough in future. In his view, there are three additional aspects we should be focusing on.

Martin Leuthold

Michael Hausding, Competence Leader, Domain Name System and Domain Abuse

"Cybercriminals need domain names for their business. That's where we come in."

These days, it is easy to enter the underground Internet economy. Botnets and ransomware are now available on the international market and require no specialist knowledge. Michael Hausding explains why domain names are so essential for cybercriminals and how .ch has become one of the world's most secure top-level domains.

Michael Hausding

Frank Herberg, Team Leader, Security – Financial Services:

"The combination of the Internet of Things and social engineering poses a huge threat."

We have no way of knowing what lies ahead. Frank Herberg offers a fictitious account of how a mix of information from the Internet of Things and social engineering might lead to a successful e-banking attack. He goes on to set out a basic concept for defending against such attacks.

Frank Herberg

Silvio Oertli, Team Leader, Security – Universities & Registry:

"We can face up to it thanks to our positioning between the universities, the banks and the registry."

Access to cutting-edge technology means that Swiss education standards are among the highest in the world and must be maintained to ensure that these standards remain high. However, cybercriminals are making this increasingly difficult. Silvio Oertli shows why SWITCH-CERT nevertheless has a lot of faith in the future.

Silvio Oertli
Other articles