The Central Electoral Board (JEC) has once again distributed a “brief cybersecurity guide” among political parties with suggestions for their candidates and leaders to avoid a possible cyberattack during the campaign for the European Parliament elections on June 9th. The guide, which is 78 pages long, was developed by the National Cryptologic Center (CCN, under the CNI) and sent to the parties on April 1st. It contains eight “checklists” with a total of 51 cyber measures to minimize the risk of being victims of cyberattacks. The importance of preparing for cybersecurity threats during an electoral process is emphasized in the introduction.
The development of this guide was a recommendation from the National Security Council (CSN) in October 2020 when the pandemic led to a rise in cyberattacks. In 2019, protocols were implemented by the Ministry of Interior to combat fake news and protect the voting system from cyberattacks during the elections held that year. Different organizations have issued alerts regarding cybersecurity threats, including the European Union, which organized a cybersecurity exercise for member states in November. The Department of National Security has also warned about the risks posed by cyberattacks, particularly from campaigns of disinformation.
The guide distributed by the Electoral Board to political parties highlights the potential dangers of cyberattacks directed at political parties’ computer systems, which could compromise sensitive information and manipulate public opinion. The guide warns that cyber incidents during electoral processes can have serious consequences and emphasizes the importance of cybersecurity measures for political parties. The most common methods used by cybercriminals, such as exploiting software vulnerabilities or manipulating user behavior, are outlined in the guide.
The guide focuses on securing all computer systems of political parties, including databases, but places particular emphasis on the security of smartphones. Smartphones are described as essential devices that contain a vast amount of information and connect to various systems simultaneously, posing potential risks. Recommendations include disabling geolocation functions, using stronger access codes, avoiding downloading unauthorized apps, and installing antivirus programs. The guide also advises participants to place their smartphones in Faraday cages during meetings to prevent hacking.
Regarding social media use, the guide advises against sharing sensitive information on personal or party matters online due to the increasing trend of cyberattacks on social media platforms. The overabundance of personal information shared on social media can be exploited by cybercriminals for malicious purposes. The guide suggests maintaining privacy settings, analyzing friend requests, and being cautious with the information shared online. Additionally, it warns against sending unencrypted documents or clicking on links in messaging apps without verifying the sender’s identity.
In conclusion, the cybersecurity guide issued by the Electoral Board aims to help political parties minimize the risk of cyberattacks during the European Parliament elections. The guide emphasizes the importance of cybersecurity measures for political parties to protect sensitive information, prevent manipulation of public opinion, and ensure the integrity of the electoral process. By following the recommendations outlined in the guide, political parties can enhance their security measures and reduce vulnerabilities to cyber threats during the campaign period. It is crucial for parties to be aware of the potential risks posed by cyberattacks and take proactive steps to safeguard their systems and data.