Senior threat researcher Sean Gallagher said he had studied a number of ransomware attacks himself.
"They've [local governments] been hit because of phishing attacks that were at most targeted to individuals based on public data, and were otherwise opportunistic," he added.
A report in the Washington Post on 10 October claimed that the US Cyber Command had tried to disrupt the operations of Trickbot, the biggest known botnet which is used to spread malware, and cited officials as saying it was one of the top threats to the 2020 US presidential election.
The Post also claimed that Department of Homeland Security officials feared a ransomware attack on state or local voter registration offices and related systems could disrupt preparations for the poll or cause confusion or long lines on voting day.
But Gallagher, a long-time veteran in cyber security, did not appear too convinced.
"While Trickbot has been a major threat as part of ransomware attacks in the past, many attackers — including Ryuk, the attacker responsible for the most ransomware attacks on state and local governments last year — have shifted to other means of spreading their attacks, based on attacks we've recently researched," he said.
"While we've seen Trickbot-connected malware as part of these attacks, we're seeing greater reliance on other malware and tools to carry attacks out — including pirated versions of legitimate 'offensive security' tools such as Cobalt Strike."
Sophos has a history of putting out detaled reports on ransomware. In August the company released a five-part series [1, 2, 3, 4, 5] under the title The reality of ransomware, which looked at many of the players in this space.
Gallagher said: "Ransomware poses a threat to all organisations, and ransomware operators are generally motivated by the money, not politics.
"Moves against Trickbot infrastructure are to be commended, because of the size of the botnets controlled by the Trickbot actors.
"But ransomware attackers' tactics don't stand still, and this is unlikely to have a sizeable impact on attackers going forward. Businesses and governments need to stay vigilant."