If you are like most Canadians, you learn about the world via the internet. For instance, you research products and services online. You check out reviews online and on social media. From there, we make decisions daily on what we choose to buy. Now compare that to election campaigning, and things get a little more complicated.
For instance, what is the likelihood of a hacker wanting to steal voter data? Or perhaps change the outcome of the election? Well, we know how things have played out in other countries. For instance, Reuters reported Australia’s cyber-intelligence agency concluded China was behind cyber hacks in May, which obtained private data from the three main political parties in the months leading up to the Australian election. In addition, the party of France’s President Emmanuel Macron also reported being hacked on election day, and in the U.S., Robert Mueller concluded Russia hacked the personal emails of members of the Democratic National Party and Hillary Clinton’s campaign.
Political party data is among the top targets for cyber hacking. Thankfully, a new law was enacted just prior to the election call which gives security agencies and the Chief Electoral Officer significant new powers to fight back against cyber attacks on critical election infrastructure. In an interview with CTV News, Stephane Perrault, Canada’s Chief Electoral Officer, confirms that “no cyber attacks have been detected.” Yet. That same law, however, does not compel the political parties to report cyber incidents, and prevents the Canadian Security Establishment from using its abilities to protect the databases of the parties. They are also not compelled under PIPEDA to report if they experience a serious data breach. Elections Canada’s guidelines do recommend the parties voluntarily report any incidents. Perrault also said in his interview, “I would be lying if I had no concern because I have been raising this issue with them. What I can say is that they’ve been made aware they understand the challenges, they’ve seen what’s happened elsewhere.”
Another thing Canadians should be wary of is the proliferation of “fake news.” Wikipedia defines fake news as, “a type of yellow journalism or propaganda that consists of deliberate disinformation or hoaxes spread via traditional news media (print and broadcast) or online social media.” At a recent Royal Bank RBC Disruptors panel at the University of Toronto’s Rotman School of Business, cybersecurity experts spoke about the dangers of trying to discern fact from fiction online. Shuman Ghosemajumder, chief technology officer for Shape Security, told the panel, “We should realize it’s going to get harder to identify fake information, disinformation. And that applies to things we thought were very difficult for anyone to falsify. We should think about the way we use technology. We should think about way we get our news, share and receive content from friends. If we’re more proactive about that, about the data we put into information retrieval mechanisms, we can protect ourselves and get mainly positive benefits from the technology platforms we use today.” Ghosemajumder also says the biggest watch out is the foreign online manipulation of social media.
Kevin Chan, Facebook Canada’s head of public policy, was also on the same panel. He says Facebook is working closely with Elections Canada and Canadian intelligence agencies to identify problematic content. Facebook Canada just released a tool to help eligible people register for the October 21 federal election and in the first quarter of this year, Chan says Facebook globally removed 1 billion fake accounts.
What all this means for Canadians, is, be careful who your trust your personal information with, and be wary of what you read on social media. Like your momma always said, don’t believe everything you read. Try to sort out fact from fiction before mindlessly sharing a story or video.
Cybersecurity Issues to be Aware of During the Canadian Election Campaign
Facebook
Twitter
LinkedIn
Categories
- Cloud (22)
- Compliance (72)
- Compliance Management (56)
- Cyber awareness (46)
- Cybersecurity (270)
- Encryption (27)
- GDPR (25)
- HIPAA Compliance (23)
- Incident Management (20)
- Insurance (4)
- IT Service Management (41)
- ITIL (1)
- ITSM Software (1)
- Operations & Compliance Management Software (26)
- Phishing (111)
- PIPEDA (8)
- Ransomeware (2)
- Ransomware (119)
- Remediating Risks (135)
- SaaS (23)
- Sector (2)
- Security (263)
- Software as a Service (42)
- Software as Service (2)
- Spam (14)
- Ticketing (2)
- Uncategorized (3)
- Viruses (63)
- Vulnerability management (82)
- Workflow (8)