Targeted Attack

Cyber Attack University of Zurich

In February 2023, the University of Zurich was targeted by a sophisticated cyber attack. The incident paralysed IT systems and endangered research and student data.

Cyber Attack University of Zurich

What happened?

In early February 2023, the University of Zurich (UZH) — Switzerland’s largest university — discovered a targeted cyber attack on its IT infrastructure. The attackers had gained access to internal systems and were attempting to penetrate deeper into the network.

UZH reacted swiftly: together with external cyber security experts and in close cooperation with the National Cyber Security Centre (NCSC), extensive countermeasures were initiated. Numerous IT services had to be temporarily shut down, including email systems, VPN access and internal platforms.

The attack was not a random “spray and pray” approach but a targeted operation tailored to UZH’s specific infrastructure. The attackers used multiple entry points and demonstrated a high level of technical competence. Experts did not rule out a state-sponsored actor.

Who was affected?

  • Over 28,000 students whose personal data and academic records were potentially at risk
  • Approximately 9,000 employees including researchers and administrative staff
  • Research groups with ongoing projects
  • The University Hospital Zurich (USZ), which took precautionary measures due to close IT interconnection
  • Spin-off companies and industry partners

Particularly sensitive were medical research data: UZH conducts clinical studies and stores patient data subject to the Human Research Act and medical confidentiality.

How large was the damage?

The total financial damage is estimated at CHF 3–10m:

Cost itemEstimated costCovered by cyber insurance?
Incident Response & ForensicsCHF 800,000–1.5mYes
IT system restorationCHF 500,000–1.5mYes
Security upgradesCHF 500,000–2mPartially
Business interruption (teaching/research)CHF 500,000–1.5mYes
Personnel costsCHF 300,000–800,000Yes
Estimated total damageCHF 3–10m~60–75% potentially covered

Lessons for Swiss SMEs

  1. Underestimated attack surface: Every organisation with valuable data is a target.
  2. Legacy systems: Many SMEs still use outdated, unpatched software.
  3. Decentralised IT responsibility: A central IT security strategy is often lacking.
  4. Rapid response saves data: A pre-defined incident response plan is essential.
  5. Targeted attacks are increasing: Not only ransomware but also state actors and industrial espionage.

Get a free consultation. The experts at BTAG Versicherungsbroker AG in Bern help you realistically assess your cyber risk.

Have questions about cyber insurance?

Our partners at BTAG are happy to advise you — free and with no obligation.

Learn more Or calculate your costs first

A service of BTAG Versicherungsbroker AG, Bern — independent advice since 1990.

BTAG Versicherungsbroker AG Mitglied SIBA FINMA Register-Nr. 12229
Contact us →