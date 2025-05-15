The thermal reserve power plant in Birr, Aargau, is intended to serve as an emergency back-up beyond 2026 in the event of an electricity shortage. (Archive image) sda

The federal government has reported another attack on critical infrastructure: cyber criminals have hijacked the email account of a manager who works for the reserve power plant in Birr AG. Phishing emails were the result.

No time? blue News summarizes for you At the beginning of May, hackers hijacked the e-mail account of a Prismecs manager and used it to send phishing e-mails to Swiss business partners.

Prismecs operates the reserve power plant in Birr AG. This can be operated with natural gas or diesel.

According to the Swiss Federal Office of Energy, security of supply was not at risk as the IT systems of the power plant and Prismecs are separate.

The incident underlines the vulnerability of critical infrastructure. It is unclear whether Prismecs complied with the federal government's reporting obligation in the event of cyber attacks. Show more

At the beginning of May, Swiss suppliers and business partners of the US energy company Prismecs received suspicious e-mails. These messages, which purported to come from the Swiss head of Prismecs, asked the recipients to open a link to a document. When one recipient complied, his anti-virus software prevented access to the page, confirming the suspicion that hackers had taken over the manager's email account and sent the phishing emails. The "Tages-Anzeiger" reported on the attack.

Phishing attacks are now part of everyday digital life. Attackers try to penetrate IT systems by sending malicious links or files. If a company like Prismecs is affected, the circle of victims is somewhat larger. The company operates the reserve gas-fired power plant in Birr AG, which is used in the event of an electricity shortage in Switzerland.

The Federal Council initiated the project due to the energy shortage, which was exacerbated by the lack of Russian natural gas following the Ukraine conflict.

Prismecs must report the attack

The contract for the reserve power plant was awarded to the Swiss branch of General Electrics in 2022, which used Prismecs as a subcontractor. Despite multiple requests, neither Prismecs nor GE Vernova commented on the details of the attack. However, the Swiss Federal Office of Energy confirmed the hacker attack and emphasized that the security of supply was not at risk as the IT systems of Prismecs and the power plant are separate.

The incident shows how vulnerable the electricity infrastructure is to cyber attacks. Since April 2023, operators of critical infrastructure have had to report such attacks to the Federal Office for Cyber Security within 24 hours. It remains unclear whether Prismecs has complied with this obligation, as the BACS is only allowed to provide information with the consent of the companies concerned.

The plant in Birr AG has already had to contend with problems before. At the beginning of 2023, the power plant was connected to the grid late and a court ruling declared the original permit illegal, but did not require it to be dismantled. A fire also destroyed the grid connection, which led to months of repairs.

The power plant's eight turbines have been able to run on natural gas or automotive diesel since 2023 and deliver 250 megawatts of power when required. The contract runs until the end of 2026 and the federal government plans to commission five new reserve power plants with CO2-neutral fuel by 2030.

