Singapore Election a hotbed for cyberactivity: Are businesses ready?
The Singapore General Election is now fast approaching, and no doubt political rhetoric will hit its peak across all parties. Pair this with the current backdrop of global uncertainty – and indeed regional trade uncertainty in Asia – and you have the perfect conditions for an unwieldly cybersecurity storm to brew.
Elections are often breeding grounds for cyber activity, with state actors, hacktivists and other invested parties often ramping up their efforts as voting day draws nearer. Cyberattacks can become more targeted and hostile in nature, with the consequences more dire. Business leaders need to remember that the attack surface of an election extends far wider than merely voting infrastructure – and Singaporean organisations may be affected as part of the fallout.
It would be complacent to think of this as a global issue – not yet impacting Asia. The truth is that this activity is already unfolding in Singapore. The Cyber Security Agency of Singapore (CSA) has published an advisory on potential cyber threats during the election period, and the Elections Department Singapore has similarly expressed concern over the integrity of the election process being challenged by cyber risks.
Global geopolitical uncertainty also generally means greater cyber risk. There were thousands of attacks on Europe's energy grid when Russia invaded Ukraine, for instance. So, as we stand in the midst of a global trade war, amidst ongoing global conflict and rising tension across Asia - the increase in cyber activity is a given.
Critical infrastructure highly vulnerable
Companies that manage election infrastructure and those closely aligned to the election may be prime targets, but with heightened cyber activity across the board, public and private organisations managing critical infrastructure should also be aware. This list of companies, both public and private, is long - think financial and healthcare institutions, telcos, energy and utilities companies.
Attacks on critical infrastructure can have catastrophic consequences, threatening a country's operational resilience and even public safety. Look at the recent attack on Synnovis that halted 1,130 planned operations and more than two thousand outpatient appointments at London hospitals. Or the attacks on Germany's Südwestfalen IT that paralysed 70 municipalities and affected 1.6 million citizens. State actors can move at any moment, but elections and geopolitical instability make for particularly fertile ground. These businesses need to know they may be in the firing line.
Pervasive Ransomware threat could worsen
Ransomware already impacts many businesses in Singapore, so much so that just this month, CSA released an advisory for organisations to protect their systems and data from ransomware attacks. It now considers ransomware "…a widespread, sophisticated, and systemic threat with the potential to severely disrupt essential services, compromise national security, and cripple the operations of organisations." At a time of heightened cyber activity - we can anticipate this threat to be even greater.
The World Economic Forum's Global Cybersecurity Outlook from both 2024 and 2025 highlights that ransomware has evolved from merely data theft, to causing disruption. In fact, close to half of cyber leaders surveyed said they're concerned about disruption to operations and business processes. The 2025 Ponemon Cost of Ransomware Report echoed this - showing that more than half of organisations globally had to shut down operations following a ransomware attack. Ransomware attacks also impacted 25% of critical systems, with systems down for 12 hours on average.
The truth? Businesses aren't prepared
The Ponemon research showed that a lot of businesses are still not getting the basics right, like blocking high risk ports or patching vulnerable systems, or still using weak passwords. Many are also still worried about preventing and detecting breaches, when really, they should be focusing on containment strategies that keep them resilient against inevitable attacks. Breaches will happen, so businesses need ways to limit their impact to prevent catastrophic outcomes.
Over the past few years, everyone from the White House, to EU regulators and the World Economic Forum have called on agencies and business leaders to adopt breach containment strategies like Zero Trust. Fortunately, Singapore is sin alignment, having long supported Zero Trust methods in protecting government applications and IT systems. The Government Zero Trust Architecture (GovZTA) provides a framework for the Singapore Government to implement Zero Trust, for example. Zero Trust recognises that threats can come from both external and internal sources, necessitating a proactive and adaptive security approach. is based on the core principle of "never trust, always verify."
Businesses in Singapore – especially those in critical infrastructure - need to build their cybersecurity systems in a way that allows them to limit the spread of attacks and maintain the function of IT systems even in the event of ongoing cyberattacks. This way, their most sensitive data will always remain protected. This is the best defence to weather the Election cybersecurity storm that is already brewing.
