A state sponsored group known as "Berserk Bear" among other monikers has, since September, been targeting state, local, tribal and territorial governments (SLTTs) for intrusion, and in at least two cases successfully exfiltrated data, according to a joint statement from CISA and the FBI.
"The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers," the agencies reported.
At the same time, details about a ransomware attack against a county in Georgia shows the destructive potential that malware has to disrupt election processes. After months of concern about ransomware's potential effect on election infrastructure, officials worry this attack, which knocked out a voter signature database and a voting precinct map, may be the the first of a trend.
Both incidents followed on the heels of news that Iranian hackers, posing as "Proud Boys," had sent threatening emails to Democratic voters warning them to "vote for Trump, or else," in an apparent disinformation campaign.
All of the incidents seem to have confirmed many of the fears espoused about the upcoming 2020 election, mainly, that we're hurtling towards some sort of technical and institutional disaster wrought by cyberattacks from foreign adversaries.
Yet election security experts have cautioned against letting these recent events fan the flames of social unrest, since that's most likely just what adversaries like Russia and Iran want. Instead, this should be a teachable moment to better understand the flaws in our election systems, these experts say. A lot of those flaws, unsurprisingly, are generated by a lack of funding.
"I see a sense of urgency in terms of [election security] funding at the federal level, but I don't yet see that translate to the state and local level," said John Dickson, a former intelligence officer with the U.S. Air Force, who today works with the government-focused security firm the Denim Group.
Dickson, who recently wrote an op-ed in which he encouraged voters to vote early and avoid online disinformation, said these attacks have pointed to flaws in the system by which our elections are administered, and they suggest areas where governments could better work together to prevent attacks.
"The irony is that its the federal agencies that have all the funding yet have the least amount of authority or operational control. It's the state and local guys that have all of it," he said, explaining that our system basically relegates large agencies like CISA, DHS and DNI to a "cheerleader" role, when it would be much more beneficial to have them play an active, defensive role.
Dr. Stephanie Singer, an assistant professor at Portland State University, largely agrees with this assessment. Singer, an election security expert who formerly served on the Philadelphia County Board of Elections, said that the constitutional system of election administration set up by the American founders has not caught up to the technological reality of the present day.
"What's happened over the last 50 to 100 years is that computers have become such a part of the process," she said. While there are a lot of benefits to using computers they always "introduce uncertainty" into the equation, she said, "whether from error in the computer or from error between a user and the computer, or because of malicious attacks."
Combine this with the county financial situation and you have the makings of a problem.
"Elections are underfunded," she said. "There needs to be more federal funding, the states and the counties are broke. There are so many stresses on states and counties right now in terms of their budgets. They can't print money, though the federal government can," she joked.
Dickson also added that while he encourages people to remain calm and vote, they should also be ready for potentially more cyberincidents over the next two weeks or so.
"Let's be ready," he said. "This is going to be turbulent air here."