NEW DELHI – The Election Commission of India (EC) has reported successfully thwarting over 68 lakh (6.8 million) cyberattack attempts targeting its information technology infrastructure on June 4, 2024, the day votes were counted for the 18th Lok Sabha elections. The EC stated that its robust cybersecurity framework and multi-layered defenses effectively neutralised all threats, ensuring the integrity and security of the counting process.

The extensive barrage of cyberattack attempts aimed at the EC’s IT applications and databases underscores the persistent threat landscape faced by critical national infrastructure, particularly during high-stakes events like a general election. The Commission confirmed that despite the high volume of malicious activity, no breach of data or disruption to the crucial vote counting operations occurred. This outcome maintained the sanctity of the electoral results, which saw 543 parliamentary constituencies declare their outcomes.

The cyberattacks were diverse in nature, indicating a coordinated effort to compromise election data and disrupt official processes. According to the Election Commission, the attempts primarily included:

  • Distributed Denial of Service (DDoS) attacks: These attempts sought to overwhelm the EC's servers and online services, aiming to make them unavailable to legitimate users.
  • Phishing attempts: Malicious actors tried to trick EC officials or personnel into revealing sensitive information, such as login credentials, through deceptive communications.
  • Unauthorized access attempts: These were direct attempts to gain access to the Commission's internal systems and databases without proper authorization.

The Election Commission collaborated closely with the Indian Computer Emergency Response Team (CERT-In) and other national cybersecurity agencies to monitor and defend its digital assets. This collaborative approach, combined with continuous vulnerability assessments and real-time threat intelligence, was instrumental in identifying and mitigating the threats as they emerged. The EC's digital infrastructure is critical for various electoral functions, ranging from voter registration and candidate nomination to the final dissemination of results.

The successful defense against such a large volume of cyberattacks highlights the Election Commission's preparedness and commitment to securing the democratic process. While specific origins or perpetrators of the attacks were not detailed in the official announcement, the incident underscores the global challenge of protecting electoral systems from digital interference. The EC's proactive measures and swift response ensured public confidence in the electronic tallying and dissemination of election results.

Looking ahead, the Election Commission is expected to continue enhancing its cybersecurity protocols and infrastructure. This ongoing commitment aims to safeguard future elections against evolving digital threats, ensuring the integrity and transparency of India's democratic exercises. Regular audits and updates to security systems remain a key component of the EC's strategy to protect sensitive electoral data and maintain operational resilience.