The legacy database systems and remote access protocols many election administrators use are frequent entry points for attacks, Recorded Future's Allan Liska said.

But election officials have "vastly improved" their cyberdefenses with IT investments since 2016, the head of the Center for Information Security said.

About 2,100 federal, state, local and private-sector officials joined the three-day exercise, which simulated attacks against election-related IT and civil unrest related to the pandemic.

Trevor Timmons, CIO for the Colorado secretary of state, explained a new partnership with the security firm Synack to test election systems ahead of Nov. 3.

Small local governments' vulnerability to cyberattacks threatens their ability to administer the upcoming election, county officials were warned.

The need for actionable intelligence requires broad collaboration on election security, said New Jersey Chief Information Security Officer Michael Geraghty.

Secretaries of state have made great strides, a senior DHS official said, but some officials at the county level still need to work on basic cyber hygiene.

Concerns over the security of the online voting platform OmniBallot caused election officials to reverse course on a pilot project.

Secretary of State Brad Raffensperger blamed malfunctions in the new $104 million system on user error, but election-security advocates argue the devices are unreliable.