Key Points
RUAG paid hackers ransom after fall 2025 attack on US subsidiary.
Federal Office for Cybersecurity advises against ransom payments to prevent future attacks.
Ransom payments finance criminal networks and encourage repeated extortion attempts.
RUAG Chairman Rötheli refused to disclose exact payment amount.
RUAG, Switzerland’s federally owned defense company, paid hackers a ransom after the criminal group Akira attacked its US subsidiary in fall 2025. The decision contradicts the Swiss Federal Office for Cybersecurity (FOCBS), which advises companies never to pay ransoms. RUAG Chairman Jürg Rötheli said the company paid “a small amount” but refused to disclose the exact figure. The move highlights tensions between corporate security decisions and government policy.
Why RUAG Paid Despite Official Warnings
RUAG decided to pay after Akira hackers stole data from its US subsidiary and threatened to publish it. Rötheli told Swiss radio the company recovered all stolen data after payment. The Federal Office for Cybersecurity opposes ransom payments because they encourage future attacks and finance criminal operations. FOCBS recommends companies refuse such demands to disrupt the ransomware business model.
What Government Policy Says
Switzerland’s federal government strongly advises against paying ransoms to cyber criminals. FOCBS warns that payments fuel organized crime and create incentives for more attacks. The Swiss government views ransom payments as counterproductive to national cybersecurity strategy. RUAG’s decision directly contradicts this official guidance.
Risks of Paying Hackers
Ransom payments can signal to criminal groups that a target will comply with demands, making future attacks more likely. Experts warn the decision risks future cyber attacks on RUAG and other Swiss firms. Payments also fund ransomware operations and support criminal networks. The Akira group now knows RUAG will negotiate, potentially encouraging repeated extortion attempts.
RUAG’s Defense and Broader Context
Rötheli justified the payment by saying the company recovered all data and paid only a small amount. He emphasized that RUAG acted in the interest of protecting sensitive information. The company faces other challenges, including a recent reduction in F-35 fighter jet assembly contracts due to high production costs. The ransom payment adds to scrutiny of RUAG’s security practices and decision-making.
Final Thoughts
RUAG’s ransom payment contradicts Swiss government policy and may encourage future attacks on the defense sector. The decision signals that paying criminals works, undermining national cybersecurity strategy and financing organized crime networks.
FAQs
RUAG prioritized rapid data recovery over policy compliance, paying a small ransom to retrieve all stolen data and protect sensitive information.
The Federal Office for Cybersecurity advises refusing ransom demands, believing non-payment disrupts the ransomware business model and prevents criminal network funding.
No legal penalties are specified, but RUAG’s decision contradicts official government guidance and may invite criticism from regulators and cybersecurity officials.
Disclaimer:
The content shared by Meyka AI PTY LTD is solely for research and informational purposes. Meyka is not a financial advisory service, and the information provided should not be considered investment or trading advice.
About Author
Huzaifa Zahoor
Co FounderHuzaifa Zahoor is the engineer who built Meyka. He has spent years writing Python, training AI models, and building data pipelines specifically for financial markets. His technical articles have reached over 30,000 readers on Medium, so he knows how to make complex things easy to follow. If this article touches on how the tools work, he is the person who actually built them.
What brings you to Meyka?
Pick what interests you most and we will get you started.
I'm here to read news
Find more articles like this one
I'm here to research stocks
Ask Meyka Analyst about any stock
I'm here to track my Portfolio
Get daily updates and alerts (coming March 2026)