Increased security measures are not stopping cyber operatives from looking for ways to break into critical U.S. voting systems, according to officials charged with safeguarding the nation's Nov. 3 presidential election.
But exactly who is behind the ongoing efforts remains unclear.
"Election systems, like IT systems generally, are being scanned, are being targeted, are being researched for vulnerabilities," Matt Masterson, the Department of Homeland Security's senior election security adviser, said Tuesday during a virtual event on election security hosted by Auburn University's McCrary Institute.
"What keeps me up at night is, is there something we're not seeing? Is there something we're not tracking?" he said.
U.S. officials have been preparing for new attacks on voting systems since 2016, when Russian-linked actors targeted all 50 states, managing to access voter registration databases in a handful of them.
As part of that effort, officials have been working to install cyber intrusion detection sensors across the country, now allowing all states and more than 2,500 local jurisdictions to get real-time threat information.
So far, the effort seems to be paying off.
"We haven't seen cyberattacks to date this year on voter registration databases or on any systems involved in primary voting," FBI Director Christopher Wray said last week at a virtual conference hosted by the U.S. Cybersecurity and Infrastructure Security Agency. "To our knowledge, no foreign government has attempted to tamper with U.S. vote counts."
Indirect threats
But Masterson warned U.S. adversaries may still be looking for a way into critical systems to meddle with the upcoming presidential election.
"While we have no evidence of direct targeting of election infrastructure by nation states, we know and continue to see reports of scanning," he said.
There are also concerns that cyber actors looking to interfere with Election Day voting will launch an indirect attack, perhaps using ransomware to take down systems that could create difficulties, even though they are not directly involved in the election process.
"We see cascading impacts where internet is lost, connectivity to websites is lost," Masterson said.
State and local officials are also being targeted, with cyber actors using spear-phishing and social engineering as ways to get passwords or other information that could give them access to critical systems.
Disinformation campaigns
Even so, some state election officials say thanks to the ongoing efforts of federal and state authorities, they are much better prepared than they were in 2016.
"There is no doubt that we are in a tremendously better situation now, today, than we were during those elections," said David Stafford, supervisor of elections for Escambia County, Florida. "We know who to call if something happens."
"Unfortunately, the threat has grown along with us," he added.
Some state officials remain uneasy about the possibility that where efforts to hack the U.S. election may fail, ongoing disinformation campaigns could succeed.
"I do worry about in those last couple of days and on Election Day," said Pennsylvania Secretary of State Kathy Boockvar, who like Masterson and Stafford, spoke at the Auburn University event.
"I keep telling people don't click retweet," she said. "It's so easy to perpetuate. And of course, that's what our foreign adversaries, that's what our domestic adversaries, that's what they want us to do to undermine confidence in the election."