Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

US Officials Link Iran to Emails Meant to Intimidate Voters

Iran is responsible for emails sent to Democratic voters in multiple states aimed at intimidating the recipients into voting for President Donald Trump, U.S. officials said Wednesday night in calling out both Tehran and Russia for activities meant to interfere in the upcoming presidential election.

Iran is responsible for emails sent to Democratic voters in multiple states aimed at intimidating the recipients into voting for President Donald Trump, U.S. officials said Wednesday night in calling out both Tehran and Russia for activities meant to interfere in the upcoming presidential election.

The activities attributed to Iran mark a significant escalation for a nation that some cybersecurity experts regard as a second-rate player in online espionage. Most public election interference discussion has centered on Russia, which hacked Democratic emails during the 2016 election, and China. The announcement at a rare, hastily called news conference just two weeks before the election underscored the concern within the U.S. government about efforts by foreign countries to spread false information meant to suppress voter turnout and undermine American confidence in the vote.

“These actions are desperate attempts by desperate adversaries,” said John Ratcliffe, the government’s top intelligence official, who, along with FBI Director Chris Wray, insisted the U.S. would impose costs on any foreign countries that interfere in the 2020 U.S. election and that the integrity of the election is still sound.

“You should be confident that your vote counts,” Wray said. “Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism.”

Wray and Ratcliffe did not describe the emails linked to Iran, but officials familiar with the matter said the U.S. has linked Tehran to messages sent to Democratic voters in at least four battleground states that falsely purported to be from the neo-fascist group Proud Boys and that warned “we will come after you” if the recipients didn’t vote for Trump.

Ratcliffe said the spoofed emails were intended to hurt Trump, though he did not elaborate on how. An intelligence assessment released in August said: “Iran seeks to undermine U.S. democratic institutions, President Trump, and to divide the country in advance of the 2020 elections. Iran’s efforts along these lines probably will focus on online influence, such as spreading disinformation on social media and recirculating anti-U.S. content.”

Trump, speaking at a rally in North Carolina, made no reference to the press conference but repeated a familiar campaign assertion that Iran is opposed to his reelection. He promised that if he wins another term he will swiftly reach a new accord with Iran over its nuclear program.

“Iran doesn’t want to let me win. China doesn’t want to let me win,” Trump said. “The first call I’ll get after we win, the first call I’ll get will be from Iran saying let’s make a deal.”

Advertisement. Scroll to continue reading.

Both Russia and Iran also obtained voter registration information, though such data is considered easily, publicly accessible. Tehran used the information to send out the spoofed emails, which were sent to voters in states including Pennsylvania and Florida.

Asked about the emails during an online forum Wednesday, Pennsylvania Secretary of State Kathy Boockvar said she lacked specific information. “I am aware that they were sent to voters in multiple swing states and we are working closely with the attorney general on these types of things and others,” she said.

While state-backed Russian hackers are known to have infiltrated U.S. election infrastructure in 2016, there is no evidence that Iran has ever done so.

The voter intimidation operation apparently used email addresses obtained from state voter registration lists, which include party affiliation and home addresses and can include email addresses and phone numbers. Those addresses were then used in an apparently widespread targeted spamming operation. The senders claimed they would know which candidate the recipient was voting for in the Nov. 3 election, for which early voting is ongoing.

Federal officials have long warned about the possibility of this type of operation, as such registration lists are not difficult to obtain.

“These emails are meant to intimidate and undermine American voters’ confidence in our elections,” Christopher Krebs, the top election security official at the Department of Homeland Security, tweeted Tuesday night after reports of the emails first surfaced.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...