Swiss Defence Firm RUAG Admits Paying Ransom to Hackers, Defying Federal Advice

Switzerland’s state-owned defence giant RUAG has sent shockwaves through the federal administration by admitting it paid a ransom to cybercriminals. This unprecedented move marks a total departure from the strict 'no-negotiation' stance advocated by the Federal Office for Cybersecurity (FOCBS). While the government explicitly warns that such payments fuel the global machinery of cybercrime, RUAG’s leadership chose a different path. Chairman Jürg Rötheli confirmed the transaction on Swiss public radio, characterizing the payment as a 'small amount' necessary to secure the return of sensitive information. This admission places the federally owned entity in direct conflict with the very state that oversees it, creating a political firestorm in Bern. The decision highlights a growing rift between theoretical government policy and the brutal reality of corporate survival in the digital age. By crossing this line, RUAG has not only recovered its data but has also set a controversial precedent that other Swiss firms may now feel emboldened to follow.

The breach originated in the autumn of 2025, when the notorious hacker group Akira successfully infiltrated the systems of RUAG LLC, the firm's US-based subsidiary. Akira, a group known for its aggressive double-extortion tactics, didn't just lock the systems—they stole a massive cache of data and threatened a public leak that could have compromised international defence projects. For a company like RUAG, which serves as a critical pillar of Swiss and European security, the stakes could not have been higher. The hackers leveraged this leverage to demand a ransom, putting the board in a desperate position. While the FOCBS maintains that paying ransoms offers no guarantee of data recovery, RUAG claims a 100% success rate in this instance. This successful recovery, however, does little to mask the vulnerability of Swiss defence infrastructure abroad. The attack on the US subsidiary proves that the reach of cyber adversaries is global, and even the most fortified neutral nations are not immune to the digital crosshairs of international crime syndicates.

A staggering conflict of interest now looms over the Swiss defence sector as RUAG prioritizes data recovery over federal advisory. The FOCBS argues that every ransom paid is a direct investment into the next attack, providing criminals with the capital needed to develop more sophisticated malware. In contrast, RUAG’s board viewed the situation through the lens of damage control. By paying what they describe as a 'small amount,' they claim to have averted a catastrophic leak of proprietary defence data. This 'pragmatic' approach, however, undermines the collective security strategy of the Swiss Confederation. It raises the critical question: if a state-owned firm ignores government advice, why should private industry comply? The tension is palpable as critics argue that RUAG has effectively funded the very groups that threaten Swiss national security. Meanwhile, the lack of transparency regarding the exact 'small amount' paid only adds to the public's unease, leaving taxpayers to wonder about the true price of this digital surrender.

The implications of RUAG’s admission will reverberate through the Federal Palace for months to come. This is no longer just a corporate IT failure; it is a matter of national security and diplomatic integrity. As Switzerland positions itself as a global hub for cybersecurity and data privacy, the sight of its premier defence firm bowing to extortionists sends a confusing message to international partners. Looking forward, the Swiss government must now grapple with the need for more stringent regulations or perhaps a more realistic ransom policy. The FOCBS may find its authority diminished unless it can provide firms with better alternatives to the 'pay or perish' dilemma. As RUAG moves to fortify its US and domestic systems, the broader Swiss economy remains on high alert. The Akira hack has proven that the digital frontier is the new frontline of Swiss neutrality, and the current playbook may need a radical rewrite to survive the next wave of aggression. The eyes of the world are now on Bern to see if consequences will follow this act of corporate defiance.