With elections increasingly dependent on modern technology, cybersecurity has become a vital shield against election violence and manipulation. Cyberattacks present a growing threat to both nascent and mature democracies, as they can shape the election process, erode citizen trust and trigger other forms of election violence. The 2019 elections in Indonesia and Ukraine illustrate the threat cyberattacks pose, even in relatively consolidated and stable democracies.
Cyberattacks are increasingly used by government-linked groups and private individuals to target corporate, financial, and, more recently, democratic institutions. The perpetrators and their motivations often remain unclear, but cyberattacks qualify as election violence given their ability to undermine election authorities and shape results. Common tactics include distributed denial-of-service (DDoS), phishing, and malware attacks against critical infrastructure and networks. Election officials around the world have embraced advanced technologies for voter registration and results management systems. But those new technologies create new vulnerabilities, especially if there is a lack of technical expertise, modern equipment, and necessary cyber hygiene.
While the threat that cyberattacks pose to elections is recognized, international and domestic legal frameworks are insufficiently developed to ensure robust prevention and enforcement efforts. As technology rapidly transforms, prevention strategies must look forward, securing the next election rather than repairing vulnerabilities exposed in the previous election. Election management bodies (EMBs) will also face a difficult balancing act to secure their processes while preserving transparency.
In Ukraine, the Central Election Commission (CEC) has long suffered from technological vulnerabilities and a lack of technical training for staff, compounded by legal and procedural hurdles. In 2014, a cyberattack disabled CEC network nodes and erased numerous components of the election system, including the Results Management System, using advanced cyberespionage malware. In 2015, Ukraine suffered from a successful attack on its power grids, and a malware attack—known as (Not)Petya—infiltrated Ukrainian banks, government agencies and electricity firms in 2017.
With presidential elections this spring, and parliamentary elections in October, Ukraine has taken important steps to protect its election infrastructure, mostly through trainings by international specialists, improving its ability to withstand the surge in attacks on electoral servers and the personal computers of election staff.
With legislative and presidential elections scheduled for April 17, Indonesia has similarly suffered from cyberattacks targeting its electoral infrastructure. The head of the National Election Commission (KPU), Arief Budiman, remained confident that the increase in attacks against Indonesia’s voter database will not disrupt the voting process. Despite this, the threat posed by cyberattacks in the form of targeting candidates’ private data remains a concern.
The Impact of Cyberattacks on Democracy and Political Stability
While cybersecurity measures can strengthen institutions and electoral processes, they also shape the tactical considerations of would-be perpetrators of election violence. Cyberattacks could provide an alternative to more traditional forms of election violence as a method to shape election results, delegitimize the vote, or create general distrust in institutions.
As cyberattacks generally have a lower cost and provide the advantage of anonymity, an increase in the use of cyberattacks could perversely lower the risk of violence in the streets, at least in the short term. The subsequent loss of legitimacy in the electoral process can also increase the risk of post-election violence, for instance as delayed results announcements create the suspicion of fraud.
Cyberattacks erode public trust in the electoral process and offer losing parties or candidates another reason to question and challenge the results. Preventing cyberattacks requires not only adequate funding for EMBs to secure their digital infrastructure, but also education of the public and election staff on the complexities of hybrid warfare and its associated risks.