The 2022 Electoral Act initiated the digitalization of Nigeria’s electoral process, aiming to enhance the integrity of elections in the country. However, this increased reliance on digital technology also makes the electoral process vulnerable to cyberattacks. As Nigeria prepares for the polls next month, all eyes are on the upcoming 2023 general elections, which will be the first to transmit election results electronically. While this innovation is commendable, it brings with it significant risks, particularly the threat of cyberattacks.
The recent elections in Ekiti and Osun States highlighted these concerns when the Chairman of the Independent National Electoral Commission (INEC), Prof. Mahmood Yakubu, disclosed that both elections faced cyberattacks from various global sources. He stated, “Another technical concern for us is the repeated attempts to break through our cybersecurity system for the portal. Our engineers reported several cyberattacks on the portal during the Ekiti and Osun governorship elections, some of them from as far as Asia. I am glad to note that all of them failed.” Although these attacks were thwarted, they raised new questions about the credibility of Nigeria’s election process, which has long been marred by issues such as violence, ballot snatching, and vote buying.
As the dates for the elections—February 25 and March 11—approach, the worsening security situation and rampant violence have heightened concerns among Nigerians. However, the introduction of electronic transmission of results alleviates some fears, particularly regarding the physical theft of ballot boxes. INEC’s Administrative Secretary in Kaduna State, Muhammed Mashi, expressed optimism about the new electoral reforms, stating, “With the new electoral reform, Nigerians will be surprised and happy to see what will happen in the 2023 election because it will be smooth and transparent, free and fair. Issues of ballot stuffing and snatching will not happen, and no voter can vote twice.” The 2022 Electoral Act is expected to address many discrepancies associated with Nigeria’s elections, marking a significant shift towards transparency.
Despite the positive changes brought by the Electoral Act, the adoption of digital processes raises new concerns about cybersecurity. Cyberattacks have surged in recent years, with the Nigerian Communications Commission (NCC) reporting that Nigeria loses approximately $500 million annually to such threats. The Senior Manager of Cyber Risk Services at Deloitte, Ms. Funmilola Odumuboni, noted that a cyberattack occurs every 39 seconds, and cybercrimes have increased by nearly 300 percent since the onset of the COVID-19 pandemic. Although there have been no documented cases of election tampering in the U.S. due to cyberattacks, there have been instances of successful hacks targeting election infrastructure.
INEC appears to be aware of these risks and has allocated part of its N117 billion electoral technologies budget to cybersecurity measures. The INEC chairman emphasized the importance of protecting the INEC Result Viewing Portal (IReV) and all web resources. The Chief Press Secretary to the INEC chairman, Rotimi Oyekanmi, acknowledged that all servers are vulnerable to attacks, stating, “Hacking attempts are not exclusive to INEC. The commission has and is very proud of its in-house computer engineers who designed the Bimodal Voter Accreditation System and the IReV. They have not been sleeping; they know what is at stake and they are always prepared.”
Despite these assurances, the Nigeria Computer Society has urged INEC to prepare for potential cyberattacks during the 2023 elections. Concerns have been raised regarding the country’s readiness for electronic result transmission, particularly in relation to network coverage. Chris Uwaje, a cyber solutions expert, emphasized the need for professional accreditation of INEC’s infrastructure to assess its cyber readiness. He stated, “Before one can really make a judgment of preparation for INEC, there are two things that have to be explored.” He highlighted that no digital infrastructure is immune to hacking and stressed the importance of collaboration with technology professionals to ensure the integrity of the electoral process.
Chukwuemeka Orjiani, Chief Technology Officer at NJALO.NG, suggested that INEC should invite ethical hackers to identify vulnerabilities in its systems. He noted that in the U.S., individuals who discover vulnerabilities are often rewarded, and he advocated for similar practices in Nigeria. He expressed concern over the use of outdated software, stating, “How can anyone be using a server that is using PHP 5.4 when even the FBI has stated that anything below PHP 7.4 is vulnerable and can be hijacked?”
Olugbenga Odeyemi, an ICT expert and Senior Partner at e86 Limited, underscored the necessity for INEC to invest in experienced personnel to mitigate cybersecurity risks. He recommended conducting penetration testing and white-hat hacking to expose system vulnerabilities. As Nigeria approaches the 2023 general elections, the stakes are high, and INEC’s ability to ensure a fair and free election is paramount. Many hope that the electoral body will effectively counter any threats to the integrity of the elections.
Comments are closed for this story.