The Election Commission of India (ECI) said its digital election infrastructure faced more than 68 lakh malicious online hits on the day votes were counted for the recently concluded Assembly elections, with attempts originating from both domestic and overseas sources. According to election officials, the attacks targeted several online systems operated by the Commission, including the public election results portal, but were contained using existing cybersecurity protections.
Officials stated that despite the unusually high volume of hostile traffic, there was no disruption to counting operations or public access to election-related services.
The attacks were directed at ECINET, the Commission’s integrated election management platform that now combines over 40 separate election applications and digital portals into a unified system. The platform is used to manage multiple election-related functions, including monitoring, reporting, voter services, and administrative coordination.
On counting day, May 4, ECINET reportedly processed an average of nearly 3 crore hits every minute. Across all polling phases conducted on April 9, 23, and 29, the platform recorded a total traffic load of 98.3 crore hits, reflecting the scale at which India’s election infrastructure now operates digitally.
The Commission officially launched ECINET in January 2026 after testing its beta version during the Bihar Assembly elections in November 2025. Since then, the application has crossed 10 crore downloads, indicating rapid adoption among election officials, staff, and users accessing poll-related information and services.
Election authorities said the platform played a major operational role during the elections across five states and Union Territories, along with bypolls conducted during the same period. According to officials, ECINET enabled real-time monitoring of election activities, accelerated reporting processes, and improved administrative coordination between different election units. Authorities also said the centralized system helped increase transparency by reducing delays in communication and data sharing.
Cybersecurity analysts have repeatedly warned that election infrastructure has become an increasingly attractive target for malicious cyber activity because such systems process large amounts of real-time public information under intense public scrutiny. During counting periods, election portals often experience massive spikes in traffic as citizens, media organizations, and political workers continuously refresh result dashboards. Security researchers note that these high-traffic periods can also create opportunities for malicious actors to disguise harmful requests within normal user activity.
While the Election Commission did not disclose the technical nature of the 68 lakh malicious hits, such traffic typically includes automated bot requests, denial-of-service attempts, malicious scanning activity, or repeated unauthorized access attempts aimed at slowing systems or overwhelming servers.
The Commission also introduced a new QR code-based photo identity verification system for counting centres during the election process. On counting day alone, more than 3.2 lakh QR codes were generated through ECINET to regulate entry into counting venues. Officials said the system was introduced to ensure that only authorized personnel could enter restricted areas, reducing the possibility of unauthorized access at highly sensitive counting locations.
According to the Commission, this was the first time the QR-based access system had been deployed across all five states and Union Territories simultaneously. The ECI has now decided to adopt the system as a standard security measure for future Lok Sabha and state Assembly elections.
The increasing dependence on centralized digital infrastructure has pushed election management beyond traditional ballot security into the broader domain of cybersecurity, network resilience, identity verification, and real-time system monitoring. As more election operations move onto integrated digital platforms, experts say continuous monitoring and infrastructure hardening will become essential to maintaining uninterrupted electoral processes at national scale.
