Mr. Sanders, for his part, on Friday warned Moscow to stay out of the election.
The senator is hardly a new target for the Russians. The 2018 indictment of 12 Russian intelligence officers for their activities in the last presidential election — issued by the Justice Department under the Trump administration — claimed that the officers “engaged in operations primarily intended to communicate derogatory information about Hillary Clinton, to denigrate other candidates such as Ted Cruz and Marco Rubio, and to support Bernie Sanders and then-candidate Donald Trump.”
Robert S. Mueller III, in the report on his investigation into Russian operations, concluded that the release of memos hacked from the Democratic National Committee were meant to inflame Mr. Sanders’s supporters by revealing that the committee was funneling assets to Mrs. Clinton.
The more recent public reports emerging from the Department of Homeland Security and the F.B.I., and classified reports generated by the C.I.A. and others suggest that while the Russian objectives have remained the same, the techniques have shifted.
“The Russians aren’t going to use the old playbook, we know that,” said Christopher C. Krebs, who runs the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
His organization, along with the National Security Agency and British intelligence, has been steadily documenting how Russian operatives are becoming stealthier, learning from the mistakes they made in 2016.
As they focus on evading more vigilant government agencies and technology companies trying to identify and counter malicious online activity, the Russians are boring into Iranian cyberoffense units, apparently so that they can initiate attacks that look as if they originate in Iran — which itself has shown interest in messing with the American electoral process. Russians are putting more of their attack operations on computer servers in the United States, where the National Security Agency and other intelligence agencies — but not the F.B.I. and homeland security — are prohibited from operating.
And, in one of the most effective twists, they are feeding disinformation to unsuspecting Americans on Facebook and other social media. By seeding conspiracy theories and baseless claims on the platforms, Russians hope everyday Americans will retransmit those falsehoods from their own accounts. That is an attempt to elude Facebook’s efforts to remove disinformation, which it can do more easily when it flags “inauthentic activity,” like Russians posing as Americans. It is much harder to ban the words of real Americans, who may be parroting a Russian story line, even unintentionally.