The National Security Agency (NSA) and its British counterpart (GCHQ) put out an alarming statement in October: Russian intelligence divisions have continued to orchestrate cyber attacks against U.S. allies since the 2016 election - in fact, they've gotten even better at it. Russian hackers have been finding new and even more obscure ways to cover up their tracks, and Iran now stands on the horizon as the next potential threat to U.S. elections.
America's election-security and cyber defenses have improved by quite a bit in the last four years since the 2016 election season. At that time, we had no idea what sort of disinformation and "fake-news" would be coming at us. Facebook
Of course, Russian hackers know this and will adapt accordingly. However, according to the New York Times
The treatment of American intelligence information by top U.S. officials also hasn't helped the situation. Intelligence and cyber security experts agree unanimously agree that Russians interfered in the 2016 election, but Administration Officials and some members of the GOP have called this fact into question. A Russian backed conspiracy theory pushing blame onto Ukraine was quickly taken up, and it was this mindset that led to some of the events currently being adjudicated in the impeachment process, namely the allegations that President Donald Trump withheld aid from Ukraine in order to extort an investigation into this widely debunked conspiracy theory.
The October statement by the NSA and GCHQ may have been prompted by two recent developments in the Russian front on American elections.. First, it was found that Russian hackers had infiltrated an elite Iranian hacking unit and then attacked the surrounding governments in the Middle East under the guise of Iran. Second, "Fancy Bear", one of the two Russian intelligence divisions which hacked the Democratic National Convention in 2016, has shifted part its work onto servers in the U.S. in order to evade the NSA and other agencies. Its counter part, known as "Cozy Bear", dropped off the radar six months ago after it abandoned its hacking infrastructure.
Other hacking units, such as the trolls at the now-indicted Internet Research Agency, have switched from using email services which could be tracked by Western intelligence agencies to encrypted communication, like ProtonMail. They are also paying Americans to buy political ads on Facebook for them; foreigners are banned from buying political ads. The rise in ransomware is worrying officials at the Department of Homeland Security who say that attacks against American towns and cities over the past year revealed gaping holes in U.S. cybersecurity.
New voting technology and technology from 2016 that wasn't improved sufficiently - if at all - also represents a security risk. Leaving the fraught issue of electronic voting aside, voting is controlled at the state level, and many entrust a portion of the responsibility to outside companies. In 2016, three such companies were hacked; although, generally, voting went smoothly.
Which is perhaps the most frightening part of retrospectives into the Russian attempt to disrupt elections in the U.S. in 2016: it may have just been a trial run. In a Senate Intelligence Committee meeting, one expert told lawmakers that Russia had been "conducting the reconnaissance to do... mapping, so that you could actually understand the network... so you could come back later and actually execute an operation."
