SINGAPORE: Political parties in Singapore have been advised by the Ministry of Home Affairs (MHA), the Cyber Security Agency of Singapore (CSA) and the Elections Department about the threat of foreign interference in elections and cybersecurity risks.
The advisories have been published on the Elections Department website, said the authorities in a media release on Monday (Apr 20).
READ: Commentary: What next as the Government looks beyond disinformation in targeting foreign influence in Singapore
Citing examples of foreign interference during elections in other countries - such as the US presidential elections in 2016 and French presidential elections in 2017 - MHA said that "Singapore is not immune".
"We need to guard against such nefarious activity as we head towards our own General Election (GE), which must be held by April 2021," the ministry added.
"Singapore politics should be decided by Singaporeans alone."
The MHA advisory includes information such as the methods used by "foreign actors", such as countries, agencies or people, to interfere in elections.
"The objective of foreign actors interfering in elections is to shape the voting behaviour of the electorate in a manner consistent with the desired political outcomes of the foreign actor," said the ministry.
Examples of foreign interference include disinformation, the creation of fake online identities, the funding of political parties' campaigns by foreign actors, as well as the cultivation of political entities.
Another example of foreign interference mentioned in the advisory is "sentiment amplification", which involves the coordinated use of fake accounts, trolls and bots to "artificially inflate the spread and prominence of narratives which are useful for the foreign actor’s agenda".
"In the context of an election, the narratives inflated to prominence could consist of disinformation or the creation of a false impression of public opinion about political parties, election candidates or campaign policies," the ministry said.
"The narratives could also contain inflammatory material which could result in social fragmentation and polarisation, or public order and security incidents, to enhance or diminish a political party or candidate’s electoral chances."
The advisory also reminded political parties to enhance their understanding of the threats, improve the digital literacy of their members, and be alert to suspicious behaviours and hidden agendas.
Political parties should avoid reposting or forwarding articles, text messages or social media posts without verifying its authenticity. They should also monitor their own social media platforms for suspicious activity, said the MHA advisory.
GUARDING AGAINST CYBERSECURITY RISKS
As a "highly digitally-connected nation", Singapore also needs to "guard against opportunistic attempts to disrupt our election processes, to cast doubts on the integrity of our GE, and attack the credibility of our government", said the release.
READ: Deliberate online falsehoods: Are Singapore's laws sufficient to deal with the threat?
READ: FAQ: What are organised misinformation campaigns, and why should Singaporeans care?
"Political parties and candidates are responsible for their own cybersecurity, and need to strengthen their cybersecurity posture, and take precautionary measures to protect their assets and online presence," said CSA in its advisory.
This includes all IT infrastructure including any smartphone, computer and computing device, online and social media assets, as well as data storage and management.
The agency warned against potential cyber threats, including website defacement, ransomware attacks and data breaches.
On ransomware attacks, CSA said these are typically carried out via phishing emails containing malicious attachments or links.
"Users’ devices could get infected when they open these malicious attachments or links, or if they install pirated software which masks the ransomware in it," said CSA.
"Malicious advertisements could also be used to exploit vulnerabilities in a user’s browser to install the ransomware in a victim’s device."
CSA also warned of possible Distributed Denial of Service (DDOS) attacks, which are aimed at disrupting the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
Political parties "need to be mindful of the potential cyber threats related to the use of the IT infrastructure, and take precautionary measures", said CSA.
The agency added that political parties should consider appointing a professional cybersecurity vendor to review and manage the cybersecurity posture for their party, as well as to deal with any cybersecurity incident.