From 2015 to 2020, Switzerland’s Federal Intelligence Service (FIS) cyber team worked closely with three companies linked to Russia: the well-known Russian cybersecurity firm Kaspersky and two lesser-known companies, now referred to in an internal report as Blue and Violet. This was uncovered by Swiss public broadcaster SRF Investigativ.
An internal investigation revealed regular and close contacts between the FIS cyber team and these companies. These contacts included meetings, data exchanges, and even direct access to private servers. What raised alarm bells is that all three companies had ties to Russia, a country widely known for its involvement in international cyber-attacks and digital espionage.
The FIS has not commented on the matter, stating it does not discuss classified materials. However, the findings prompted action. Switzerland’s Defence Minister Martin Pfister ordered an external investigation in response to SRF’s revelations. A criminal complaint was also filed by the supervisory authority AB-ND.
The investigation also references a key figure inside the FIS’s cyber division, a person identified only by the initial “W.”, who allegedly had deep involvement in maintaining these contacts.
Company “Blue” and Its Russian Roots
One of the companies, Blue, was based in Zurich but founded by two Russian nationals and one Swiss citizen. Though it appeared Swiss on paper, its operations and staffing revealed much stronger Russian connections. The company even recruited from Russian online tech forums.
Chilling Chinese Espionage Plot Erupts at Hotel in Alps Near F-35 Facility
The secret report says the relationship between Blue and the FIS began in Moscow, not Switzerland, sometime in 2016 or 2017. Over the following years, the company is alleged to have provided server data at least a dozen times to the FIS. The report also claims the FIS had direct server access, although how this access worked is not clearly explained.
When SRF Investigativ contacted Blue, the company denied any ties to both the FIS and to Russian authorities. It also said it complies with all Swiss legal standards. Despite this denial, the internal report lists Blue as one of the cyber team’s three most important partners during the five-year period.
Violet: Hacked Servers and Cozy Meetings
The second lesser-known firm, Violet, also operated servers in Switzerland and was named in the report as the “most important source of information” for the FIS cyber team at the time. It drew attention because of its client base, which included dubious customers—especially Russian hackers.
FIS investigators found these hacker-friendly servers useful, especially for tracking cyber-attacks. According to the report, the relationship with Violet involved meetings in Ticino and even “fondue dinners in Bern”, suggesting a surprisingly casual tone for what should have been highly professional contacts.
Leticia Zheng Exposed in Sinister 7-Year Chinese Espionage Operation at the University of Florida
Violet also had a connection to Kaspersky, having worked with the Russian company for several years. What’s more, the FIS used Kaspersky to make payments to Violet—but it’s still unclear what those payments were for. The report doesn’t specify whether they were for server data or something else.
Violet, when contacted, did not respond to any questions from SRF Investigativ.
The cyber team has since gone through a major reorganization, likely in response to these troubling connections. Meanwhile, criminal proceedings are now underway, and the Swiss public is left questioning how deep these ties may have gone.
