“Off the record: we were hit, we paid, but we will never admit it publicly.” This could be the acknowledgment of many CEOs around the world. It’s hard to imagine another industry that has grown as fast and invisibly as cybercrime. What began as a playground for curious teenagers in hoodies has turned into a professional ecosystem with its own business models, talent pipelines and customer relations. Today’s cyber gangs operate almost like regular businesses. They advertise on dark-web forums, rent out hacking tools “as a service”, and even run help desks for victims negotiating a ransom and handling the transaction. The latest ENISA Threat Landscape describes this evolution with chilling precision: cybercrime now mirrors the logic of legitimate business.

The numbers are staggering. Global damages from cyberattacks are projected to surpass USD 10 trillion a year. Ransomware has become the preferred money-spinner – simple, scalable, and brutally effective. In Switzerland, a 2024 attack on the Zurich-based procurement firm Chain IQ partially disrupted the financial sector. This has shown how even well-guarded organisations can fall victim when suppliers are breached. Since 1 April 2025, operators of critical infrastructure such as powerplants, hospitals and railways in Switzerland have been legally required to report cyberattacks. Anyone who is attacked must report this to the Federal Office for Cyber Security (BACS) within 24 hours. By the end of that year, 222 mandatory reports had been received. That is almost one per day. The battleground is everywhere: every inbox, every smartphone, every unsecured network is a potential entry point. In contrast, the hotspots of this shadow economy lie mostly in regions where law enforcement can’t or won’t do much.

How to Stay Ahead of Invisible Enemies

For most organisations, good cybersecurity doesn’t begin with expensive technology but with habits. Strong passwords, multifactor authentication, regular backups, and a workforce that spots suspicious messages are still the most effective shields. Yet small and medium-sized enterprises (SME) often lack the resources for dedicated experts. That’s why the Swiss National Cyber Security Centre (NCSC) has become a crucial ally, offering practical checklists and a simple incident-reporting portal. Additionally, various online tools like the “Cybersecurity Check for SME” from the Alliance Digital Security help businesses gauge their resilience without needing an IT department.

Still, awareness alone is not enough. The latest Swiss Cyber Study found that many companies recognise the risk but fail to budget for it. And while Switzerland’s current National Cyberstrategy strengthens reporting obligations for critical infrastructure, regulations alone cannot keep pace with the ingenuity of attackers. Last October, authorities warned that approximately 200 Swiss companies fell victim to ransomware attacks from one single hacker group alone that had recently intensified its activities in Switzerland. What can really work in combatting cybercrime is collaboration. Sharing information across sectors, learning from incidents, and treating cybersecurity as a shared responsibility to make a difference. However, many victims are reluctant to share their experiences because they fear damage to their reputation. Reporting an attack should no longer feel shameful; it’s an act of solidarity in a connected world.

AI Joins the Game

Artificial Intelligence is the newest player in the cybersecurity arena that is changing the rules for everyone. For attackers, AI is a gift. It writes perfect phishing e-mails, generates convincing fake voices, and can mimic a CEO’s tone in seconds. The result: scams that even seasoned professionals struggle to spot. But the story doesn’t end there. Anthropic’s recent report claims to have observed the first reported AI-orchestrated cyberattack. According to their report, attackers exploited the Claude model to automate a cyber-espionage campaign, allegedly achieving 90 percent automation. How? By bypassing safety restrictions through clever prompt engineering – framing malicious tasks as legitimate penetration tests and breaking them into smaller, seemingly harmless components. Claude then executed network mapping, vulnerability scanning, exploit generation, and credential collection, while humans stepped in only for critical decisions. In reality, this looks less like full autonomy and more like a hybrid model: AI as an orchestration engine under human direction.

If Anthropic’s claim holds true, this could mark a turning point – a moment when AI-driven automation reshapes the threat landscape faster than our current defences can adapt. Even if full autonomy isn’t here yet, the trajectory is clear: attacks will scale, and defences must evolve. Defenders aren’t standing still. Security teams now deploy AI to sift through oceans of data, detecting anomalies that would otherwise go unnoticed. Machine-learning models can flag suspicious logins within milliseconds. Yet this remains an uneven race: attackers need one lucky strike; defenders must be right every time. The real advantage will belong to those who use AI wisely – as a transparent tool guided by human judgment, not as a black-box oracle. Switzerland, with its culture of trust, collaboration, and precision, is well placed to lead by example. Combining academic research, responsible regulation, and innovative companies can turn cybersecurity from a necessary burden into a national strength. Cybercrime will continue to evolve. So must we! With smart cooperation, curiosity, and the confidence that even in the digital shadows, resilience can be built.