WASHINGTON — Shane Huntley has seen every form of state-sponsored cyberattack, first as an Australian intelligence officer and now as director of Google’s most advanced team of threat detectors.

So when he was asked what surprised him the most about the 2018 midterm elections, his response was a bit counterintuitive: “The answer is surprisingly little on the hacking front, at least compared to two years ago.” He paused, and added, “And that reassures some people, and it scares some people.”

He is right. From the cyberwar room that the Department of Homeland Security runs round the clock in a bland office building in Arlington, Virginia, to Microsoft’s threat-assessment center at the other end of the country, in Redmond, Washington, every form of digital radar is being focused on America’s election infrastructure — and particularly on the Russian military intelligence agency once known as the GRU.

This weekend, some of those radars began to sound a few warnings — but faintly, and in strange places. Cybersecurity firms and some election officials reported seeing an increase in cyberattacks on websites and infrastructure surrounding the vote, but not on systems that are part of the voting process. Hackers have targeted websites across the United States — including in Georgia, Florida and California — that allow voters to look up the location of their local polling stations or to verify that they are registered to vote.

It is unclear where the attacks are coming from, but the sources appear to be a mix, everything from other countries to lone hackers looking to make a name for themselves, investigators say. “The attackers are trying to make a lot of noise,” said Matthew Prince, chief executive of Cloudflare, a cybersecurity firm that is tracking the action.

He said the incursions were not an effort to disrupt the vote, but merely to bolster rumors of election fraud and interference. “They are going after anything that can undermine the process itself,” he said. “Their aim is to put the outcome in doubt,” which could enable President Donald Trump or losing candidates, come Wednesday, to declare that the outcome was rigged.

There is no evidence yet that the Russians have had anything to do with this latest set of malicious activities, and many experts say they believe that President Vladimir Putin is sitting out this election. After all, the argument goes, the scrutiny is intense, and 470 House and Senate races make it just too hard for the Russians to figure out their interests, much less manipulate the outcome. But after the 2016 debacle, suspicions run deep, and some think that the Russians just have not played their hand yet.

“The Russians are too smart to run the same play a second time,” said Dmitri Alperovich, one of the founders of cybersecurity firm CrowdStrike, who was central to identifying the Russian military inside the DNC, touching off chaos in the Democratic Party. “If they were going to do anything in today’s environment, they certainly wouldn’t want to act until the very last moment.” Whether a Russian change of tactics is unfolding is just one of many mysteries surrounding this first national election in the United States after the most sophisticated known effort by a foreign power to divide Americans, and ultimately seek to alter the outcome.

If there is a lesson from 2016, it was that America was constantly taken by surprise — by the hacking of the Democratic National Committee and prominent Democrats, by the publication of internal emails, by efforts to get inside the voter-registration rolls of 20 states.

The Russians have not exactly gone away. While there are few signs of pre-election intrusions into voter-registration systems, the social media campaigns never ended; some accelerated immediately after the 2016 elections.

“We shouldn’t be surprised by any of this,” Huntley said. “It’s like fighting the last war. When I was in the military academy people told us all the next wars were going to look like the first Gulf War. They didn’t. And in cyber, the next war won’t look like 2016.” Already, it is full of surprises.

Some Surprise Visitors

In 2016, the Iranians were nowhere to be seen in the U.S. election process. This year, they showed up in such force that Facebook announced on Oct. 26 that it was taking down a series of Iranian posts — mostly, it seemed, to demonstrate that the company’s radar is finally on high alert.

Intelligence officials and cybersecurity companies say the Iranians mostly appear to be copying techniques that they learned from watching the Russians, especially in social media.

But there is a twist: The Russians and the Iranians are clearly not in political agreement here. While both have sought to exacerbate political and social divides, the Russians clearly showed a preference for Trump as Election Day approached, according to the conclusions published after the election by U.S. intelligence agencies.

The Iranians are playing the other side. “They don’t like what happened to the nuclear deal,” said Yasmin Green, director of research and development for Jigsaw, a unit of Alphabet, Google’s parent company.

Green, one of the country’s leading experts on the uses and abuses of social media, noted that Trump’s withdrawal from the 2015 nuclear deal with Iran, and his reimposition of drastic sanctions, has made the Iranians determined to cripple him.

“Not only are they anti-this administration,” she said, they are “pro-liberal.” By comparison to the Russians, the Iranian hackers are still pretty unsophisticated and are largely inept at imitating down-the-street-neighbors when posting to Facebook and Reddit.

One ad showed a frowning Trump, and declared him “The Worst, Most Hated President in American History,” the kind of extreme declaration one might expect of Trump himself.

The number of these posts appeared small — about 82 Facebook pages, groups and accounts — but they generated more than a million followers.

Looking to Ukraine

In 2016, America’s big mistake was failing to understand what had been happening in Ukraine.

Every technique Putin’s hackers, from the network break-in artists at the GRU to the producers of fake social-media posts at the internet Research Agency in St. Petersburg, used in the United States, they tested in Kiev and the Donbass, the separatist area where the Russians have been stoking civil war.

So it is no surprise, said Tom Burt, vice president for customer security and trust at Microsoft, that the most active battleground is, once again, Ukraine.

In the Microsoft Cybercrime Center, a giant digital map of the world shows cyberattack activity, but the number of attacks are adjusted for the size of the population. Ukraine shows up in bright red. The United States, with 330 million people, or seven times the population of Ukraine, shows up in white, a sign of relative calm.

“We’re seeing activity in the U.S., but we’re seeing it at levels less than we saw in 2016,” Burt said.

He cautioned that Microsoft, with its network of machines using Office software and its Azure cloud computing services, is more likely to see hacking of accounts than social media activity. Still, Burt’s group alerted two senators last year that a hacking group long linked to the GRU had attacked their Capitol Hill offices, unsuccessfully.

One of the senators was Claire McCaskill, D-Mo., who is considered highly vulnerable. Microsoft also detected intrusions on two politically conservative think tanks in Washington in August. To get a sense of what is coming to the United States, Green and Jigsaw’s chief executive, Jared Cohen, visited Ukraine in recent weeks and found that it was still Putin’s petri dish, a place where sophisticated new experiments were underway to deluge separatist parts of the country with disinformation ahead of military actions and a presidential election in March.

Ukraine is “always on the leading edge,” she concluded.

What About China?

The question of China’s involvement was raised first by Trump and then by Pence, who said in a speech that “Beijing has mobilized covert actors, front groups, and propaganda outlets to shift Americans’ perception of Chinese policies.”

But Trump and Pence were borrowing the terminology of cyberattacks to describe something very different: Efforts by China to publish policy arguments, often in newspaper supplements that have been paid for by the Chinese government for years, to make its case.

There is no evidence, officials and outside experts say, of the kind of hacking that Russia has engaged in, or even much social-media use. When three Democratic senators asked Dan Coats, director of national intelligence, for an unclassified letter explaining what the Chinese were doing in the 2018 election, to truth-test the administration’s arguments, Coats avoided any potential contradictions with his boss by sending a classified answer.

“You can’t have it both ways,” Sen. Ron Wyden, D-Ore., said. Coats, he said, “has an obligation to the American people to provide a public response to our questions, particularly since this is about America’s elections and the security of our democracy.”

Those Machines in Texas

If awards were handed out for most-bungled-election-machine-management, Texas would be a strong contender for the top prize. It is just that the problem is the machines or the voters, not Putin’s hackers.

As early voting began recently, voters who hit the button to choose a straight Republican or Democratic ballot on a certain kind of machine — called a “Hart InterCivic eSlate” — discovered that if they mistakenly touched a quirky button or clickwheel, the ballot could change. And there was no way for voters to see it changing.

That is another reason that paper backup for electronic voting machines is so important, so that voters can look over their selections, and so vote-counters have a nonelectronic way of conducting a recount, if the machines cannot be trusted.

One would think that after all the concerns in 2016, states and counties would have been racing to update their systems. “Most did almost nothing,” Douglas Lute, a former U.S. ambassador to NATO and Army general, who has taken up the cause of reforming the election infrastructure, said in an interview. The $380 million that Congress allotted recently mostly went to funding assessments of vulnerabilities.

Yet while states and counties made changes, New Jersey, Delaware, Georgia, South Carolina and Louisiana still use no paper backup, and parts of Pennsylvania, a vital swing state, do not, either. That has not changed since 2016, and it is unlikely that it will be solved by 2020.

That is only part of the problem. Many counties use old, insecure websites for their voter registration; it would be relatively simple to create “spoofed” alternative sites or break into them, to manipulate data or post notices that polls have been closed or Election Day moved. That could be the next move in the county-by-county activity seen in recent days.

There also is room for mischief as votes are tabulated and reported to the state, and ultimately to media outlets.

Eric Rosenbach, a former senior Defense Department official who directs the Defending Digital Democracy initiative at Harvard’s Belfer Center, which has provided training in recent months to election officials from 38 states, notes that is exactly what happened in Ukraine, “creating conflicting reporting about who really won.” The effort was intended to sow doubts about whether the entire election had been manipulated.

The Unknown

It would not take much to disrupt Tuesday’s vote in a few important swing districts, and that is what the U.S. government — and many private security experts — are worried about.

The Department of Homeland Security says it will be deploying small teams of cyberexperts to important states — presumably those that are most vulnerable, or have close races — just before the election. But it is not hard to imagine different scenarios that could cause disruption, or just create the illusion of disruption.

A last-minute attack on county or state voter-registration systems, just to knock them offline, would create an uproar from voters who might show up at the polls and find they could not vote. A strike at power grids, turning out the lights at polling places, or just disrupting transportation systems could suppress turnout and lead to charges of manipulation.

And then there is another fear: Come Wednesday, if there are still races that are too close to call, just a rumor campaign about possible election manipulation might be enough to cast doubt about the integrity of the results. And in the end, that is what election disruption is all about — undermining the citizens’ confidence that their vote counts.