Singapore’s General Election (GE) will be held on July 10, 2020. During the elections held in other countries, there have been reports of increased malicious cyber activities. This could happen in Singapore, too. While some of these activities may be directed at the information and communications technology (ICT) systems of political parties, malicious cyber threat actors could capitalise on the situation to target Singaporeans or businesses, in general.
The ongoing COVID-19 pandemic and Work-From-Home arrangements have increased the opportunities and attack surfaces for cyber threat actors. Political parties will rely more heavily on online platforms such as social media, messaging apps and websites to reach out to voters.
Cyber threat actors may use GE-themed phishing baits to lure voters into downloading malicious software on their devices, or divert them to spoofed websites. Such baits could take the form of:
- Invites to engage in web conferencing with political parties, or to participate in pre- or post- rally polls, or surveys
- Applications (apps) that may require voters to follow through with instructions to download malicious software, such as plugins, to complete the installation
- Spoofed emails or messages that may look similar to those sent by the government or the political parties, and which may purport to provide information such as the latest news on political parties or updates on polling results
Cyber threat actors could also continue to leverage on COVID-themed lures, or adapt quickly to create fresh baits based on the latest news and events of interest during this period. As a precautionary measure, members of the public and enterprises should be on heightened vigilance during this period.
Cyber Hygiene Measures for Members of the Public
Only Use Official Sources; Beware of Websites Masquerading as Official Websites
Spoofed websites may attempt to pass themselves off as official versions by using web addresses (aka URLs) which are misspelled or closely resembles the URLs of official sites. Typically, these fake sites imitate the official sites through the use of similar content, graphics or website layout, to trick victims into thinking that they are legitimate. When looking for GE-related news, or information on political parties and candidates, members of public should:
- Go to the official website and the Political Parties’ official website(s) for details of their campaigning activities
- Only follow links found on official government websites, or parties’ websites
Only Download Apps from Official Play Store (Android) and App Store (iOS)
As political parties bring their e-rallies and other campaigning activities online to engage with voters, members of public may need to download apps such as social media or web conferencing platforms to view the e-rally or participate in conversations with the parties. They should:
- Only download apps from the official Play Store (Android) and App Store (iOS)
Members of the public should be vigilant when receiving emails or messages with GE- or COVID-related themes, particularly for those that ask for sensitive information, or requests for financial payments. They should:
- Examine the URL(s) closely to check that a website is legitimate before clicking on any links;
- Not click on URL links provided in unsolicited e-mails and messages;
- Always verify the authenticity of the information with the official websites or sources;
- Never disclose any sensitive or financial information; and
- Always refer to official sources for the latest updates
Use Anti-Virus, and Update your Software, Applications and Browsers Promptly
Cyber threat actors may use this opportunity to lure victims to download malicious software, and perform malicious activities on the affected devices. To prevent this, members of public should download and use anti-virus solutions from reputable providers, and update all software, apps and browsers to the latest version.
Enhanced Cybersecurity Posture for Enterprises
Enterprises are advised to monitor their ICT systems and networks for any unauthorised connections or unusual activities. This includes monitoring databases for suspicious transactions, such as queries for large amount of data, or transferring of large files.
Employees should be vigilant to phishing emails or messages, especially those with GE- or COVID-related themes, spoof official agencies to ask for sensitive information such as account login credentials, or requests for financial payments. Employees should similarly double check such emails even if they appear to originate from within their enterprise. When unsure, check with the sender via an alternative medium, such as through a phone call, to verify the authenticity of the email before following up on the request for payment, or to click on any links or open any attachments.
Use Anti-Virus; Update your Systems, Software and Applications Promptly
Cyber threat actors will exploit any vulnerability to gain unauthorised access into systems and networks to carry out other malicious activities, such as ransomware attacks. These attacks have been on the rise. Some ransomware actors have been reported to steal proprietary information, and threatened to publish the stolen information if their ransom demands are not met.
To protect themselves, enterprises should:
- Use anti-virus solutions from reputable providers, and use the latest version of the anti-virus and anti-malware definitions and signature files
- Update all systems, software and applications to the latest version
Encrypt Your Data, and Keep an Offline Backup
It is important to encrypt all the important or sensitive data, so that the impact is reduced when there is a data breach. Enterprises should also back up important business data and keep them offline, to facilitate restoration and data recovery.
Control privileged access to authorised personnel
Users with administrative privilege have the right to execute a wide range of actions on the system, including installing software or accessing sensitive data. To reduce the chance of cyber threat actors exploiting this, enterprises should:
- Control and limit privileged access to only authorised individuals who need full level of access to carry out their work
- Give users, other than the administrator, the lowest user privileges necessary for work
- Review and manage the use of all user accounts and disable inactive accounts when they are no longer in use