Fact sheet for Canadian political campaigns: Protect yourself online

Key targets of Canada’s democratic process

Political parties, candidates, and their staff vie for attention and support in elections, relying heavily on the Internet, which they use to organize themselves and communicate with voters.

Globally, political parties, candidates, and their staff remain attractive targets for cyber threat activity.

Cyber threat actors use a variety of techniques to target the websites, e-mail, social media accounts, as well as the networks and devices of political parties, candidates and their staff. They may steal information and then release it to the public for the purpose of embarrassing or discrediting the political party or candidate.

Five simple ways to protect yourself

There’s plenty you can – and should – do to protect yourself against cyber security breaches. Here are five basic rules everyone should follow to make themselves a harder target.

Practice good password etiquette

  • Use unique passphrases or complex passwords.
  • Don’t share passwords and don’t use the same password for multiple accounts, websites or devices.
  • Use two-factor authentication (2FA) when available.

Apply updates to your mobile devices, computers and applications

  • Those updates are crucial to your security: they contain what we call security “patches.” Don’t ignore them.
  • Be sure to apply updates to your mobile applications in addition to your device operating systems and get them to automatically update.
  • Schedule a mandatory training session in which all campaign members update their devices and applications.

Secure your social media account

  • Use as many security options (settings) as you can for each social media platform.
  • Know your options for delegating authority (what to do when you need multiple users accessing one account).

Be on guard for phishing and spear-phishing messages

  • Know how to spot phishing and spear-phishing messages.
  • Be wary of suspicious or unusual links – don’t click on them.
  • Use anti-virus or anti-malware software on computers.

Store your data securely and know your back-up procedures

  • Use only new USB memory sticks purchased by the campaign team. Use them for campaign-related work only. Do not use them on untrusted computers.
  • Secure data stored in the cloud or online by turning on the available security features. Consider storage solutions with restricted access.
  • Back up your vital campaign information and know where you have it backed up.
  • Practice recovering your data at least once. This way you’ll know what to do if you become a ransomware victim.
Report a problem on this page
Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: