No. of Recommendations: 4
And of course, here's some quotes from the PDB itself:
Possible Russian Government–affiliated cyber actors extracted voter data,
mostly containing names and addresses of voters, from Illinois’s Board of
Elections registration database in July that lacked adequate security
safeguards. We also observed scanning and similar efforts against Secretary of
State systems and websites in up to 20 more states from servers operated by
a Russian-owned company with ties to Russian military cyber actors—the
same infrastructure used against
Illinois.
• We have low-to-moderate confidence in the Russian Government’s
involvement because of our uncertainty about its utility for a state actor, a
lack of observed effects from the low-profile operation, and the actors’ use of
obfuscation techniques, which included substantial overlap with criminal
actors using similar targeting patterns and tactics. The activities did coincide
with high-profile Russian cyber-enabled data leaks during the election, which
we assess probably were intended to cause psychological effects, such as
undermining the credibility of the election process and
candidates.
In other words...it well could have been the usual Russian identity thieves and bots.
