Political parties issued advisories on foreign interference and cyber security attacks ahead of next GE

The authorities said reports of malicious cyber activities have been observed in elections elsewhere.
The authorities said reports of malicious cyber activities have been observed in elections elsewhere.PHOTO: REUTERS

SINGAPORE - Political parties have been issued advisories on the threat of foreign interference and cyber security attacks ahead of the next general election, with the authorities urging parties to stay vigilant and take precautions to mitigate such risks.

"Political parties play an important role in safeguarding the integrity of our general election," said the Home Affairs Ministry, Cyber Security Agency of Singapore and Elections Department in a joint statement on Monday (April 20). "They should enhance their understanding of the threat of foreign interference, and their cyber security posture."

Parties should also learn what they can do to protect their information technology infrastructure, online and social media accounts, and the storage and management of their data, they said.

The authorities added that political parties should also monitor their platforms for suspicious activity and not re-share posts or tweets of suspicious provenance.

Foreign interference refers to attempts by foreign countries, agencies or individuals to influence elections in another country. Such attempts have been reported elsewhere, including in the United States presidential election in 2016 and mid-term elections in 2018, as well as in elections in France and Germany in 2017, and in Italy in 2018.

"Singapore is not immune, and we need to guard against such nefarious activity as we head towards our own general election (GE), which must be held by April 2021," said the authorities in the statement.

The statement is the latest in a series of election-related procedures to be announced. The Registers of Electors were certified last Wednesday (April 15) and are available for public inspection online. And Parliament will, when it next sits, debate a bill on temporary arrangements needed to hold an election safely while Covid-19 measures are in effect.

In their statement, the agencies added that reports of malicious cyber activities, such as disruptions and data theft, have been observed in elections elsewhere.

These attacks "shook their electorates' confidence in their countries' election processes".

"As Singapore is a highly digitally-connected nation, we need to also guard against opportunistic attempts to disrupt our election processes, to cast doubts on the integrity of our general election, and attack the credibility of our government," they said.

Political parties and candidates should report to the police immediately if they detect or suspect foreign interference in elections, or if their accounts or systems have been compromised or misused, the agencies added. They should also inform the Elections Department.

 
 

FOREIGN INTERFERENCE

Foreign actors who interfere in elections typically aim to shape voting behaviour in line with their desired political outcomes, said the authorities in their advisory on the topic.

They added that this is often done through the "coordinated use of covert and subversive means", such as disinformation, sentiment amplification and identity falsification.

Disinformation refers to the deliberate distortion or fabrication of news. In an election, this could be done to manipulate public opinion, confuse voters about electoral rules, or undermine trust in politics and institutions. It could also target socially divisive issues or developments to sway public opinion about a party or candidate.

Meanwhile, sentiment amplification refers to attempts to artificially inflate the spread and prominence of narratives which are useful for the foreign actor's agenda. Such tactics could involve the coordinated use of fake accounts, trolls, and bots.

In an election, they could create a false impression of public opinion about parties or candidates, or make use of inflammatory material that could result in social fragmentation or polarisation.

Foreign actors have also been known to create a fake online persona, with the goal of building up followers by giving them the impression of authentic behaviour. Such followers could eventually be the targets of the foreign actor's influence campaign.

Interference can also take the form of funding to a particular party or candidate to increase their chances of winning.

Foreign actors may also covertly cultivate favourable relationships with their targets to achieve their ends. These could entail promises of business incentives, donations or titles, under the guise of avowedly legitimate platforms.

CYBER SECURITY RISKS

As a general rule, three broad categories of cyber attacks have been observed in elections elsewhere, the authorities said in their advisory on the topic.

These are website defacement, disruption, and data breaches or thefts.

Attackers may deface a political party's website after gaining unauthorised access by posting disturbing images or leaving messages expressing their views. They could also bring down the website altogether or put out false or misleading information to damage their target's reputation.

Disruption typically takes either of two forms, the authorities added.

In a distributed denial of service (DDoS) attack, attackers attempt to disrupt the normal traffic of a server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

This could make websites or network services unavailable to legitimate users, affecting a political party or individual's campaign efforts. 

 
 

In the second type of disruption, the attacker uses ransomware to hold their victims hostage. Victims will be told to pay a ransom to access their files or computer systems. However, there is no guarantee that they will be able to recover their data even if they pay up.

Such attacks are typically carried out through phishing emails containing malicious attachments or links. Users could get infected if they open such attachments or links, or if they install pirated software which masks the ransomware in it.

Attackers may also steal data through various means, many of which can be done through a phishing e-mail. They may then sell or publish stolen data to damage their victim's reputation. If passwords or account numbers are involved, they could use the data to launch more attacks.

Parties were advised to appoint an individual to take charge of their cyber security, and consider getting a professional cyber security vendor to review their party's posture and deal with incidents.

This includes knowing where and how data is stored, checking for and patching vulnerabilities, and monitoring for breaches.

Parties and individuals should also take precautions to protect themselves on all IT infrastructure, such as smartphones, computer and computing devices, online and social media assets, and data storage and management.

Correction: The Cyber Security Agency of Singapore has since clarified that parts of its original press release were inaccurate.