Cyber Risks Hidden in The Shadow of Ballots

The strength of democracy rests on the exercise of citizens’ voting rights. The primary means of safeguarding that right is through free, fair, and impartial elections. For a long time, election security was understood mainly in terms of discipline at polling stations, protection of ballot boxes, and transparency in vote counting. However, times have changed—and so has the nature of elections. In modern states, elections are no longer confined to ballot boxes alone; they have become technology-driven, multi-layered, and complex processes. Along with this transformation, a new threat has quietly emerged in the shadow of the ballot—cyber risk. If vulnerabilities in technology-driven election systems are ignored, the entire democratic process may be called into question.

Today, voter list preparation, national ID–based data storage, result management, and dissemination of election-related information all depend, in one way or another, on digital infrastructure. While this dependence has enhanced administrative efficiency and speed, it has simultaneously created new areas of vulnerability. Even a minor weakness in digital systems can place the entire electoral process under suspicion.

Global experience has turned this concern into a proven reality. In many countries, elections have faced cyber intrusions into voter databases, disruptions in result management systems, denial-of-service (DoS) attacks on government websites, and coordinated disinformation campaigns on social media. In many cases, the objective of these attacks has not been to directly alter election results, but rather to erode public trust in the electoral process. Once that trust is lost, an election becomes effectively unsuccessful—regardless of its actual outcome.

An election can be considered successful only when voters believe that their votes are secure and the results are impartial. But if voters perceive that voter lists are not protected, result systems are vulnerable to manipulation, or information lacks transparency, the election loses its credibility. This crisis of confidence is, in fact, the primary target of cyber threats.

In the context of Bangladesh, this issue demands particular attention. While the country has moved rapidly toward digitalization, concerns that cyber security preparedness has not kept pace are not unfounded. National ID–based voter databases, election commission servers, and result management software all remain potential targets for cyber attacks. Yet, ahead of elections, clear and reassuring public communication regarding the security of these systems has remained insufficient.

One point must be stated clearly: election security is no longer limited to maintaining law and order at polling centers. In the past, deploying law enforcement at polling stations was considered the core security measure. In today’s reality, however, even ensuring complete physical security on the ground cannot guarantee a controversy-free election if digital vulnerabilities persist. Cyber attacks are invisible, silent, and highly sophisticated—but their impact can be deep and long-lasting.

Therefore, ensuring cyber security before elections are called into question has become an urgent necessity. First, robust and modern cyber security infrastructure must be developed for all election-related digital systems. Regular and independent security audits, penetration testing, and the use of internationally standard firewalls and encryption mechanisms must be ensured. Declarations of preparedness alone are insufficient; tangible proof of capability is what truly matters.

Second, effective coordination among the Election Commission, law enforcement agencies, and cyber security institutions is essential. During elections, a unified cyber response team must be in place, capable of making rapid decisions and responding immediately to any digital threat. Delays in addressing technical issues only create space for rumors and misinformation.

Third, the importance of human capacity building cannot be ignored. Advanced technology alone cannot guarantee cyber security. Without skilled and trained personnel, even the best systems remain ineffective. Regular cyber awareness and training programs are necessary for Election Commission officials and all personnel involved in election duties.

At the same time, digital awareness among citizens must also be strengthened. If the public is unable to identify misinformation and false narratives circulating on social media, disinformation campaigns can easily influence public perception. When accurate information is not disseminated quickly and responsibly, falsehoods fill the void—this reality cannot be denied.

In conclusion, while an election may take place on a single day, its preparation and security are long-term processes. Neglecting cyber security does not endanger just one election; it places the entire democratic system at risk. Therefore, alongside protecting ballot boxes, addressing the cyber risks hidden in the shadow of the ballot with equal seriousness has now become an urgent demand of the time.


Engineer Md. Nazmul Huda Masud
is a Cyber Security Analyst in Special 
Branch (SB), Bangladesh Police.