As technology advances, election interference and disinformation threats are evolving rapidly, increasing cyber incidents and malicious posts aimed at swaying public perception. Cyber hacking often fuels disinformation campaigns targeting governments and political parties. It is crucial to address these threats.

This fortnightly report by Control Risks highlights key incidents and trends impacting Brazilian organizations and individuals during the reporting period.

Election interference and disinformation incidents

  • France, 08 July 2024 steep increase in disinformation campaigns targeting France follow call for a snap election.

    Implications for elections: as the Municipal elections grow closer and as key deadlines approach, Brazilian organizations should expect a sharp increase in disinformation posts relating to the election.

  • Brazil, 25 July 2024 hackers target systems of the Lula administration, 9 ministries and 2 federal agencies. This is the second incident impacting the Brazilian government since April 2024, demonstrating the consistent intent by cyber actors to target the Brazilian administration. 

    Implications for elections: Brazilian government and party officials should be on high alert for ongoing cyber-attacks in the run up to the election, and particularly paying close attention for social engineering attacks.

  • Brazil, 05 July – 19 August 2024 suspension of X (formerly Twitter accounts) accounts and Supreme Court rulings lead to several posts by Elon Musk. Justice Alexandre de Moraes, threatened to arrest X’s legal representative and issue fines to the company for not complying with demands to remove the accounts of individuals under investigation for their involvement in the January 8th 2024 attacks on Brazil’s three branches of government, in Brasilia. This lead to Elon Musk shutting down X operations in Brazil. While the platform is still available to users in Brazil, the dialling back of X operations in Brazil is likely to encourage users to migrate to other platforms. Equally disinformation messages will potentially be more prevalent on X.

    Implications for elections: Brazilian narratives by popular X users, regardless of accuracy, will be amplified on social channels by bots and disinformation actors if it contributes to disrupting the elections.

  • Brazil, 11 July 2024 Brazilian police forces make arrests in connection with an ongoing investigation into Brazil’s Abin intelligence agency for allegedly spying on politicians.

    Implications for elections: Brazilian narratives on mayoral elections in Rio De Janeiro will be influenced by these recent arrests as Alexandre Ramagem, former chief of Albin is running for office. Public sentiment will also be swayed by Flavio Bolsonaro stating that details of the investigation were released to harm Ramagem’s campaign.

  • Brazil, 12 June 2024 North Korea attributed APT Pronto conducts phishing campaigns targeting diplomats in Brazil. Pronto used a fake PDF viewer to lure victims into revealing log in information for credential harvesting. 

    Implications for elections: diplomats and government officials in Brazil should remain aware of cyber actors attempting to steal confidential information through social engineering attacks.  

 

Fortnightly mitigation measures

  • Review your passwords and privacy settings on devices, applications, and social media sites. Ensure passwords to your most sensitive and critical accounts are long and sufficiently complex. When able, use application-based two-factor authentication (2FA) to further secure your information.
  • Use social media in a way that protects your most sensitive information through risk-based decisions. Maintain maximum situational awareness and keep a healthy level of scepticism.
  • One of the best defences against firmware-based malware on electronic devices in the current threat environment is to regularly power cycle your devices (turn them off and on again). This increases the work for threat actors as it forces them to regain a foothold in the user’s device following each restart.
  • All devices should have reputable anti-virus software installed with regular scanning features enabled.

Social engineering awareness

  • North Korea attributed Paektusan APT use phishing emails impersonating HR officials and recruiters of Brazilian and US aerospace companies. The attacker is likely using WhatsApp and social media messaging apps to distribute malware.
  • Financially motivated threat actor Pineapple impersonates Brazil’s revenue service, Receita Federal do Brasil to send phishing emails intended to steal user credentials and keystrokes.

Disinformation education

  • Organisations should use the Actors, Behaviour, Content (ABC) disinformation framework to understand manipulative actors, their behaviour, intent, and the harmful content they are posting. This will assist in developing more effective strategies for countering misinformation.

Social media monitoring

  • There is an increasingly negative sentiment on Ramgem’s campaign due to the recent investigation.
  • Users on X believe that Brazil’s government is hiding information related to President Lula’s election due to Moraes’ attempt to remove certain users from X.  

Get in touch

Can our experts help you?