The electoral commission has identified cyber security as one of the biggest risks facing the 2027 General Election.
In its
Election Operations Plan 2025-27, the Independent Electoral and Boundaries
Commission also highlights artificial intelligence-driven misinformation and
deepfakes as emerging risks capable of undermining public confidence in the
election if left unchecked.
At the same
time, the latest National Kenya Computer Incident Response Team – Coordination
Centre report warns that cyber criminals are increasingly exploiting artificial
intelligence, system vulnerabilities and human error to launch sophisticated
attacks against government institutions and critical infrastructure.
The
KE-CIRT/CC report in particular found that more than 3.36 billion cyber threat
events targeted the country's digital infrastructure in just three months.
The
convergence of the two reports points to how the 2027 General Election risks
facing a digital security challenge.
The 2027
vote is expected to depend heavily on the resilience of digital infrastructure
used for voter registration, election management, results transmission and
communication.
At the 2022
presidential election petition proceedings, for instance, the integrity of the
electronic results transmission system was one of the central issues before the
Supreme Court.
Petitioners
claimed that the Kenya Integrated Election Management System (Kiems) and the
results transmission system had been compromised.
They also
alleged unauthorised access to IEBC servers and manipulation of Forms 34A, 34B
and 34C. Questions over the security, integrity and auditability of the
electronic transmission infrastructure were also raised, leading to demands for
access to IEBC servers.
Recognising
the growing threat landscape, the IEBC has committed to strengthening
cybersecurity across its operations before Kenyans head to the polls.
The
commission plans to establish an ICT Security and Network Operations Centre,
upgrade server and backup infrastructure, conduct comprehensive audits and
certification of election technology, strengthen data protection measures and
improve monitoring of election systems throughout the electoral cycle.
The
electoral agency also intends to review its data protection framework, train
staff on privacy and cybersecurity, and conduct data mapping to safeguard
sensitive electoral information.
Besides
cybersecurity threats, the commission also identifies delays in acquiring
election technology and inadequate network connectivity as strategic risks
capable of disrupting election operations.
The
commission further warns of a “proliferation of misinformation, disinformation,
hate speech, fake news, deepfakes and propaganda” during the election period.
The
operations plan acknowledges that manipulated online content is becoming an
increasingly potent threat to electoral integrity.
To counter
the challenge, the commission plans to strengthen strategic communications,
deepen collaboration with media organisations and expand voter awareness
campaigns aimed at promoting verified electoral information.
The
Communications Authority’s latest cybersecurity report suggests those concerns
are well founded.
According
to the report covering January to March 2026, the National KE-CIRT/CC
detected more than 3.36 billion cyber threat events, although the number
represented a 26.15 per cent decline compared to the previous quarter.
Despite the
reduction, the agency warned that cyberattacks are becoming increasingly
sophisticated as criminals embrace artificial intelligence and automation to
evade detection.
The agency
also issued more than 20.58 million cyber threat advisories, urging
organisations to strengthen system patching, deploy multi-factor
authentication, improve password management and harden network security against
emerging attacks.
Among the
threats detected during the quarter, system attacks accounted for more than
3.23 billion incidents, making them the dominant category. The report also
documented 68.7 million malware attacks, 46.4 million brute-force attacks, 12.1
million web application attacks and more than 8.2 million Distributed
Denial-of-Service (DDoS) attacks, which are designed to overwhelm systems and
render online services unavailable.
Government
institutions featured among the most targeted organisations across several
categories of attacks.
According
to the report, attackers increasingly targeted authentication credentials,
database servers, web applications and network infrastructure used by public
institutions. Malware campaigns, brute-force attacks and web application
attacks were among the most prevalent methods deployed against government
systems.
Particularly
concerning is the growing use of artificial intelligence by cyber criminals.
The
Communications Authority says attackers are increasingly deploying AI-assisted
phishing campaigns, AI-generated emails, deepfakes, automated attack tools and
AI-powered malware, making cyberattacks more convincing, scalable and difficult
to detect.
The report
notes that phishing campaigns targeting governments, financial institutions and
enterprises across Africa are becoming increasingly sophisticated through
AI-generated content and spoofed websites designed to steal user credentials or
gain initial access into secure systems.
Cybersecurity
experts have long warned that elections are particularly attractive targets
because they rely on interconnected digital systems handling sensitive voter
information, election technology and public communication.
CA says
many of the attacks detected during the quarter exploited weaknesses such as
outdated software, inadequate system patching, weak authentication controls,
poor cybersecurity awareness and insecure system configurations.
Its
recommendations closely mirror several safeguards now being adopted by the
IEBC, including regular security audits, stronger authentication measures,
continuous monitoring, enhanced incident response capabilities and improved
information sharing between institutions.
