After the pro-Trump hack-and-leak operations and disinformation campaigns that roiled the 2016 US election, the country braced for a second round of no-holds-barred foreign interference last year. But US intelligence agencies have now confirmed that didn’t entirely come to pass. The 2020 election was hit with meddling, trolling, and disinformation operations like those of 2016—but not the outright efforts to hack election infrastructure or political campaigns themselves.

On Tuesday, the Office of the Director of National Intelligence released a declassified report that outlines findings from US intelligence agencies including the CIA, NSA, FBI, and DHS on the overall picture of election interference by foreign actors in 2020. Those agencies agree that while more foreign powers than ever before attempted to influence the outcome of the election—using everything from disinformation to voter intimidation emails to social media campaigns—none actually seems to have used hackers to attempt to disrupt the election or access election infrastructure as they did in 2016.

“In 2020, the IC tracked a broader array of foreign actors taking steps to influence US elections than in past election cycles,” the report reads, naming Russia, Iran, Cuba, Venezuela, and even Lebanon’s Hizbollah Islamic extremist group as actors that sought to influence the election’s outcome. Russia in particular sought to support Trump’s reelection bid with everything from troll-farm social media postings to active smear operations that provided information directly to “Trump administration-linked persons.” Iran, meanwhile, worked against Trump’s reelection with social media campaigns and even fake, threatening emails designed to frame the Trump-supporting white nationalist group the Proud Boys—while not directly supporting Biden or any of Trump’s other political opponents.

But the report adds that the intelligence agencies “have no indications that any foreign actor attempted to interfere in the 2020 US elections by altering any technical aspect of the voting process, including voter registration, ballot casting, vote tabulation, or reporting results.”

More remarkable, perhaps, given the operation by Russia’s GRU military intelligence agency in 2016 to hack into the Democratic National Committee and the Clinton campaign and publicly leak their emails, the report contains no mention of any such hack-and-leak operation or any other disruptive hacking tactics targeting election organizations, politicians, or their campaigns. Instead, state-sponsored hacker intrusions appear to have been limited largely to more traditional espionage. That signifies a retreat from the most aggressive election-hacking tactics Russia demonstrated four years earlier, when it also broke into multiple states’ board of election voter rolls.

That shift away from hacking was likely driven by both higher costs and smaller gains associated with election-targeted hacking operations in 2020 compared to 2016, argues Clint Watts, a distinguished research fellow at the Foreign Policy Research Institute who focuses on influence operations. He points to Obama’s high-profile steps to punish Russia’s election-related hacking in 2016, just before leaving office, which included expelling diplomats, seizing Russian-owned properties in the US, and sanctions against Russian officials. 

With the polls leaning towards the Democratic ticket through much of 2020, the Kremlin and other foreign governments may have feared that a victorious Biden would implement a similarly punishing foreign policy. “Foreign adversaries knew if they messed around with the vote or a campaign, there would be a response,” Watts says. “If you’re a foreign country, you saw how charged the US got in 2016. If Biden won, as president, he’d probably do something. That changes your calculus.”

At the same time, Trump’s rhetoric about Biden and others generated enough “noise,” Watts says, that any hacked and leaked data would have been drowned out anyway. “Trump advances so many lies already, so much disinformation, so many claims, that it’s very difficult to shift things such that Biden would have to respond to it,” Watts says. “What can you say that would be more insinuating or more derogatory than what’s already out there?”

The ODNI report does confirm earlier findings by the cybersecurity firm Area1 that the GRU attempted to hack into Burisma—the Ukrainian gas company where Joe Biden’s son Hunter served on the board—likely in search of evidence of corruption. (Unlike Area1, the ODNI report stops short of confirming that those intrusions were successful.) But Watts notes that the Kremlin may have considered Burisma fair game, given that the company, unlike the GRU’s hack-and-leak targets in 2016, was outside of the US. “They were signaling: We’re not going to hack something in the United States,” Watts says. “We’re going where we can hack and it’s difficult for the Americans to have a clear response, because they don’t defend a Ukrainian company.”