Dim Amor

The municipal elections held on February 27, 2024, were unique in every respect. For the first time in the nation's history, Israel was required to conduct a comprehensive democratic electoral process while embroiled in the Iron Swords War, when the computerized information systems supporting the electoral process faced unprecedented cyber threats.

The original election date was set by law for October 31, 2023, but the outbreak of war on October 7 led to repeated postponements. Initially, the elections were postponed to January 30, 2024, and subsequently to the final date – February 27. The democratic process was ultimately conducted in all municipal authorities throughout the country, except for 12 authorities whose residents were evacuated from their homes and received an additional postponement until November 2024.

The fact that elections were held during wartime created significant exposure to new security risks. The electoral process, which constitutes a central cornerstone of local democracy and affects broad aspects of daily life for all Israeli residents, became an attractive target for hostile elements seeking to undermine feelings of security and trust in state institutions.

Since the beginning of the Iron Swords War, the Israeli cyber apparatus has identified a dramatic increase in the scope of cyber attacks. The data reveals a disturbing reality: the number of significant incidents during the war period, from October 7, 2023, until the end of that year, reached 3,380 – a 2.5-fold increase from peacetime. Beyond the increase in the number of attacks, there was also a qualitative change in their nature: while before the war the primary objectives of attacks were espionage and information theft, the goal of most attacks during wartime was to cause direct damage.

Against this backdrop, the information systems used in the electoral process became a complex security challenge. While the core of the electoral process remained manual – voting using ballots in envelopes that each voter drops into the ballot box – the preparation and management processes for elections rely heavily on computerized information systems.

The broad spectrum of these systems includes systems for recruiting and training the human resources required to operate the elections, systems for managing various tasks leading up to election day, systems for transmitting information about eligible voters, platforms for making election information accessible and locating voting locations for the general public, as well as systems for entering election results into computerized systems and publishing them to the public.

Responsibility for the electoral process rests with the Minister of the Interior by law, and he is required to ensure that elections in municipal authorities are conducted properly and in accordance with the law. This includes maintaining the guiding principles for their conduct: general, direct, equal, secret, and proportional elections. Executive responsibility rests with the Senior Municipal Elections Division in the Ministry of the Interior, known as the Inspector Unit, headed by the National Elections Inspector.

The complex organizational structure creates multi-layered responsibility distribution: the Inspector serves as the business entity that defines requirements for information systems and their cyber aspects, while the Senior Digital Technologies and Information Division in the Ministry of the Interior provides development and maintenance services for these systems. Some systems are developed and maintained by additional government ministries, each guided by different state regulatory bodies in the cyber field.

The complex security situation during wartime turned cyber risks into a real and immediate challenge. Hostile elements may attempt to damage information systems supporting the electoral process with the aim of undermining public trust in the democratic process, creating chaos and uncertainty, or even trying to influence election results directly or indirectly.

The special sensitivity of the wartime period amplifies the potential for damage from such attacks. When Israeli society is under pressure and security concerns, any damage to democratic systems may exacerbate feelings of insecurity and irreversibly harm public trust in state institutions.

The technological complexity of computerized information systems used in the electoral process creates an extensive attack surface. Each system individually may be exposed to security vulnerabilities, and the combination of multiple systems developed and maintained by different entities increases the risk of security breaches and coordination and cooperation vulnerabilities.

The challenge becomes even sharper in light of the fact that election systems operate cyclically – once every five years for municipal elections. This means that systems may be less prepared for emergency situations and evolving risks, and that accumulated experience in dealing with specific threats may be limited.

During wartime, when security resources are primarily directed toward the direct security effort, questions may arise regarding the level of protection and preparedness of information systems supporting civilian processes such as elections. The need to balance between allocating resources to the war effort and ensuring proper operation of vital civilian systems constitutes a significant managerial and strategic challenge.

The electoral process that took place on February 27, 2024, thus became an important test of the state's ability to maintain proper democratic activity even during wartime, while dealing with unprecedented cyber threats. The lessons from this period will be critical for preparing future election systems for similar challenges and strengthening the state's democratic resilience against evolving technological threats.

To view the State Comptroller's report, click here (report in Hebrew)