Cyber Security and Elections

Cybersecurity has become essential to protect democracy. This week’s graph demonstrates governments’ cybersecurity capacity across the globe. Specifically, whether a country’s government has sufficiently technologically skilled staff and resources to mitigate harm from cybersecurity threats.

The scale ranges from no capacity to counter even unsophisticated cybersecurity threats (shown in dark red) to the capacity to combat sophisticated cyberattacks launched by highly skilled actors (shown in dark blue).

In times when wars are increasingly fought with hybrid techniques, governments’ cybersecurity capacity is crucial. Cyberattacks connected with elections have become frequent, usually carried out by actors with connections to authoritarian states. Two recent examples are the 2025 Moldovan parliamentary election in September and the Danish regional and local elections in November.

Some of these attacks affect elections more indirectly, such as disinformation campaigns and deepfakes; others affect them more directly. Direct attacks include the manipulation of voter-registration systems and voting-machine counts, phishing attacks aimed at gaining access to sensitive information, ransomware attacks that encrypt important data and denial-of-service attacks on election infrastructure. It is specifically these direct attacks that government cybersecurity capacity can effectively prevent, whereas disinformation is harder to tackle.

The goal behind the attacks is not only to influence election results but also to generate public distrust in political institutions and elections, raising questions of legitimacy. Elections are at the core of every democratic system, and democracies are built upon trust and legitimacy in the election process. The purpose of cyberattacks is precisely to undermine that trust. Thus, governments’ capacity to combat cyberattacks is essential for democracies' endurance.

View all graphs of the week