With elections increasingly dependent on modern technology, cybersecurity has become a vital shield against election violence and manipulation. Cyberattacks present a growing threat to both nascent and mature democracies, as they can shape the election process, erode citizen trust and trigger other forms of election violence. The 2019 elections in Indonesia and Ukraine illustrate the threat cyberattacks pose, even in relatively consolidated and stable democracies.

An overhead view of electronic voting machines in Miami, FL. (Vincent Laforet/The New York Times)
An overhead view of electronic voting machines in Miami, FL. (Vincent Laforet/The New York Times)

Cyberattacks are increasingly used by government-linked groups and private individuals to target corporate, financial, and, more recently, democratic institutions. The perpetrators and their motivations often remain unclear, but cyberattacks qualify as election violence given their ability to undermine election authorities and shape results. Common tactics include distributed denial-of-service (DDOS), phishing, and malware attacks against critical infrastructure and networks. Election officials around the world have embraced advanced technologies for voter registration and results management systems. But those new technologies create new vulnerabilities, especially if there is a lack of technical expertise, modern equipment, and necessary cyber hygiene.

While the threat that cyberattacks pose to elections are recognized, international and domestic legal frameworks are insufficiently developed to ensure robust prevention and enforcement efforts. As technology rapidly transforms, prevention strategies must look forward, securing the next election rather than repairing vulnerabilities exposed in the previous election. Election management bodies (EMBs) will also face a difficult balancing act to secure their processes while preserving transparency.

In Ukraine, the Central Election Commission (CEC) has long suffered from technological vulnerabilities and a lack of technical training for staff, compounded by legal and procedural hurdles. In 2014, a cyberattack disabled CEC network nodes and erased numerous components of the election system, including the Results Management System, using advanced cyberespionage malware. In 2015, Ukraine suffered from a successful attack on its power grids, and a malware attack—known as (Not)Petya—infiltrated Ukrainian banks, government agencies and electricity firms in 2017.

With presidential elections this spring, and parliamentary elections in October, Ukraine has taken important steps to protect its election infrastructure, mostly through trainings by international specialists, improving its ability to withstand the surge in attacks on electoral servers and the personal computers of election staff.

With legislative and presidential elections scheduled on April 17, Indonesia has similarly suffered from cyberattacks targeting its electoral infrastructure. The head of the National Election Commission (KPU), Arief Budiman, remained confident that the increase in attacks against Indonesia’s voter database will not disrupt the voting process. Despite this, the threat posed by cyberattacks in the form of targeting candidates’ private data remains a concern.

The Impact of Cyberattacks on Democracy and Political Stability

While cybersecurity measures can strengthen institutions and electoral processes, they also shape the tactical considerations of would-be perpetrators of election violence. Cyberattacks could provide an alternative to more traditional forms of election violence as a method to shape election results, delegitimize the vote, or create general distrust in institutions.

As cyberattacks generally have a lower cost and provide the advantage of anonymity, an increase in the use of cyberattacks could perversely lower the risk of violence in the streets, at least in the short-term. The subsequent loss of legitimacy in the electoral process can also increase the risk of post-election violence, for instance as delayed results announcements create the suspicion of fraud.

Cyberattacks erode public trust in the electoral process and offer losing parties or candidates another reason to question and challenge the results. Preventing cyberattacks requires not only the adequate funding for EMBs to secure their digital infrastructure, but also educating the public and election staff on the complexities of hybrid warfare and its associated risks.

Related Publications

Violence Prevention through Election Observation

Violence Prevention through Election Observation

Monday, August 24, 2020

By: Larry Garber

For many years, election-related violence has posed a serious threat to the integrity of electoral processes worldwide. To prevent or minimize such violence, the international community has often relied upon election observation missions, which incorporate an extended on-the-ground presence and proactive mediation by international and domestic actors. This report discusses the challenge observer missions face in confronting election violence, and suggests how preventive efforts can be enhanced through improved, multi-mandate observation practices.

Type: Peaceworks

Electoral Violence

Preventing Election Violence Through Diplomacy

Preventing Election Violence Through Diplomacy

Wednesday, January 22, 2020

By: Bhojraj Pokharel

Focusing on three case studies in Africa, this book analyzes the utility of diplomacy in preventing election violence. After defining and identifying the key dimensions of preventive diplomacy to prevent or reduce election violence, it looks at presidential elections between 2006 and 2017 in the Democratic Republic of the Congo, Kenya, and Nigeria. Drawing on personal experience, the literature, case study reviews, and expert interviews and roundtables with academics and practitioners, the book highlights conditions for the success and the failure of preventive diplomacy, offering recommendations to the international community for maximizing the efficacy of this unique tool.

Type: Book

Electoral Violence

Scott Worden on Afghan Elections and the Peace Process

Scott Worden on Afghan Elections and the Peace Process

Wednesday, October 9, 2019

By: Scott Worden

A week and a half after Afghan presidential polls, the results remain unclear. But, we do know that turnout was historically low, largely due to dire security conditions. Meanwhile, with the peace process stalled, USIP’s Scott Worden says the upsurge in U.S. military operations against the Taliban is a “pressure tactic, not a victory strategy.”

Electoral Violence; Democracy & Governance; Peace Processes

What to Watch for in Afghanistan’s Presidential Election

What to Watch for in Afghanistan’s Presidential Election

Tuesday, September 24, 2019

By: Scott Worden; Colin Cookman

After several delays, Afghans will finally head to the polls on Saturday to elect their next president. The election comes amid an indefinite stall in the year-long U.S.-Taliban negotiations following the cancellation of a high-level summit earlier in the month. There has been a debate over the sequencing of elections and the peace process for months, but the vote will move ahead this weekend. As with all post-2001 Afghan elections, security risks and the potential for fraud and abuse loom over these polls. USIP’s Scott Worden and Colin Cookman look at how insecurity will impact the legitimacy of the vote and what measures have been taken to combat electoral mismanagement and fraud.

Type: Analysis and Commentary

Electoral Violence; Democracy & Governance

View All Publications