Cybersecurity Update – October 2025

Attacks on Critical Infrastructure

No one is immune to cybercrime – not even operators of critical infrastructure. The Swiss Federal Office for Cybersecurity has published its first report on mandatory incident notifications. In just six months, 164 attacks were recorded against critical systems.

Top attack vectors: DDoS (18.1%), Hacking (16.1%), Ransomware (12.4%) and Credential theft (11.4%). Data leaks and generic malware each accounted for under 10%. In several cases, attackers combined methods – for example, ransomware coupled with data exfiltration. Financial services remain the most targeted sector, with 19% of all incidents.

Escalating Threat Landscape

Regardless of whether attackers target critical infrastructure or SMEs, one factor is constant: people. Humans are the gatekeepers criminals must trick or pressure to gain access. Email remains their main entry point for phishing. Increasingly, attackers also use social engineering via phone calls – impersonating police officers, for example – to apply psychological pressure and extort money.
 
The Federal Office for Cybersecurity recently warned about a particularly nasty scam: attackers call victims in a casual tone, claiming to be hired killers, and demand payment to abandon the alleged “contract”. On average, the office processes around 1,500 reports per week of phishing, fraud, and other digital crimes.

Emerging Threat Trends

Every business is a target if it is seen as both willing to pay and easy to compromise. Weak technical safeguards make organisations low-effort, high-reward victims.
AI now amplifies digital crime by enabling more sophisticated attacks. Deepfakes, increasingly difficult to spot, raise the risk of falling for a scam. Fortunately, AI also strengthens defence – analysing network traffic in the cloud and on-premises, detecting attack patterns. Microsoft integrates and continually expands such protections within Microsoft 365.

Yet, no technology is infallible. Poorly designed hybrid cloud architectures are increasingly targeted, as shown by the Storm ransomware group. Daily challenges for IT security teams include attacks on firewalls, GitLab instances, browsers, routers, Microsoft software, containers, operating systems, vehicles, thermostats, energy grids and more. In short: anything with software and a network connection is under constant threat.

How Baggenstos Protects

Large enterprises often have the resources to comply with complex security requirements. SMEs, however, typically benefit from the cloud as a more practical and secure option – complemented by on-premises installations where business processes or data protection demand it.

With Baggenstos M365 Cloud, customers benefit from robust, natively integrated security. Our carefully designed cloud architecture and b.secure triple-layer protection provide a strong baseline that can be further reinforced through training and fostering a security-first mindset across the organisation.

“It’s people who must close the loopholes that technology alone cannot cover,” says Sven Lüders, Cloud Solution Architect at Baggenstos.

Cybersecurity Tips for SMEs

• Only operate systems in-house if you can secure them properly – otherwise, partner with a managed service provider specialising in hybrid cloud architectures.
• Classify and protect your data.
• Apply least privilege access controls.
• Train your staff regularly, run attack simulations, and showcase the latest cyber-criminal tactics.
• Recognise IT risks as business risks – downtime damages your brand.
• Implement multi-factor authentication; adopt phishing-resistant passkeys wherever possible.
• Always verify suspicious requests for sensitive data or payments through a second channel – even if the message appears to come from the CEO.
  
   

→ SME Cybersecurity Guidelines – Swiss Federal Office for Cybersecurity
→ Federal IKT Minimum Standards
→ Top Cyber Threats Overview