GE2020: SingCERT issues tips on staying safe in cyberspace during election period

SINGAPORE: The Singapore Computer Emergency Response Team (SingCERT) has warned that cyber-related threats could go up this election season, affecting not just political parties, but the general public and businesses as well.

“During the elections held in other countries, there have been reports of increased malicious cyber activities. This could happen in Singapore, too,” SingCERT said in an advisory on Sunday (Jun 28).

The ongoing COVID-19 pandemic and work-from-home arrangements have also increased the opportunities for cyberthreat actors to carry out attacks, SingCERT said.

“Political parties will rely more heavily on online platforms such as social media, messaging apps and websites to reach out to voters,” it added.

Voters could be lured into downloading malicious software onto their devices, or risk being diverted to spoofed websites by General Election-themed phishing bait.

Such bait include:

Invites to web conferences with political parties or participation in pre or post-rally polls and surveys.

Applications that may require voters to download malicious software such as plugins to complete the installation.

Spoof emails or messages that may look similar to those sent by the Government or political parties, which may purport to provide information such as the latest news on political parties or updates on polling results.

SingCERT added that cyberthreat actors could also continue to leverage on lures related to COVID-19, or create fresh bait based on the latest news and events of interest during this period.

“As a precautionary measure, members of the public and enterprises should be on heightened vigilance during this period,” it said.

HOW TO STAY CYBER-SAFE

Members of the public should only use official sources when looking for General Election-related news or information on political parties and candidates.

This includes visiting official websites of the political parties for details of campaigning activities, and only following links found on official government or party websites.

Spoofed websites may attempt to pass themselves off as official websites by using web addresses which are misspelt or closely resemble the URLs of official sites.

These websites also usually imitate official websites through the use of similar content, graphics or website layouts to trick victims into thinking they are legitimate.

Members of the public should only download applications from the official Play Store for Android or App Store for iOS, and to pay attention to the security permissions required by the app or its privacy policy.

“Be wary of apps that ask for unnecessary permissions on your device,” SingCERT said.

The public should also be vigilant when receiving emails or messages related to elections or COVID-19, especially those asking for sensitive information or requesting financial payments.

The public is also advised to examine the URL to check if a website is legitimate before clicking on any links and to refrain from clicking on links in unsolicited emails. Authenticity of the information should always be verified with the official websites or sources.

SingCERT also advised the public to never disclose any sensitive or financial information and to always refer to official sources for the latest updates.

Members of the public should also download and use anti-virus solutions from reputable providers, as well as update all software, applications and browsers to the latest version.

This is to prevent cyberthreat actors from luring victims to download malicious software and perform malicious activities on the affected devices, said SingCERT.

Enterprises are also advised to monitor their communications and IT systems and networks for any unauthorised connections or unusual activities. This includes monitoring databases for suspicious transactions such as queries for large amounts of data or transferring of large files.

Ransomware attacks have also been on the rise, with some ransomware actors reportedly stealing proprietary information and threatening to publish the stolen information if their ransom demands are not met, SingCERT said.

To protect themselves, enterprises should also use anti-virus solutions from reputable providers, and use the latest version of the anti-virus and anti-malware definitions and signature file. All systems, software and applications should be updated to the latest versions.

Enterprises should also back up important business data and keep them offline, to help restoration and data recovery if there is a data breach.

As users with administrative privilege have the right to execute a wide range of actions on the systems, such as installing software or accessing sensitive data, cyberthreat actors may exploit this, said SingCERT.

Enterprises should also control privileged access to only authorised personnel who need full level of access to their systems to carry out their work.

Users, other than the administrator, should be given the lowest user privileges necessary for work.

The use of all user accounts should be reviewed and managed, and those that are inactive should be disabled when no longer in use.

Download our app or subscribe to our Telegram channel for the latest updates: https://cna.asia/telegram