U.S. indicts two Iranian hackers over 2020 election misinformation campaign

Two Iranian men were indicted by the U.S. Justice Department on Thursday, accused of a brazen hacking and disinformation campaign that targeted American voters in the run-up to the 2020 U.S. presidential election.

Seyyed Kazemi, 24, and Sajjad Kashian, 27, allegedly sent threatening emails to try to scare voters, attempted to break into several states’ voting-related websites and gained access to a U.S. media company’s computer network.

Officials say the pair emailed thousands of voters in October, including many Democrats. They allegedly claimed to be Proud Boys and threatened the email recipients with physical attacks if they did not change party affiliation and vote for President Donald Trump. The emails seemed to target primarily voters in Florida and Alaska, officials said at the time.

The same illicit effort also pushed a video through Facebook, Twitter and YouTube that claimed to show someone hacking into voter websites to create falsified overseas and absentee ballots, according to the indictment. The court filing said that video also falsely claimed to be affiliated with the Proud Boys, a far-right group with a history of violence that largely embraced President Donald Trump.

Unlike the threatening emails, officials said the phony video about fake ballots was pushed at Republicans.

Within days of the email campaign beginning, U.S. officials called a hastily assembled news conference to warn voters of the foreign influence operation and urge them not to believe the claims that were being sent.

Officials said Thursday that they do not believe anyone switched their party affiliation or voted for a different candidate as a result of the emails. Matthew G. Olsen, head of the Justice Department’s national security division, accused the two Iranians of waging “a targeted, coordinated campaign to erode confidence in the integrity of the U.S. electoral system and to sow discord among Americans.”

He said the department will continue to fight foreign disinformation campaigns “using all available tools, including criminal charges.”

Kazemi and Kashian allegedly tried to break into 11 state voter registration and information websites, according to the indictment filed in federal court in New York. In one case, it alleges, they found a vulnerability that allowed them to successfully download information about more than 100,000 of that state’s voters.

[U.S. government says Iran was behind threatening emails sent to Democrats in multiple states, including Alaska]

Kazemi was charged with gaining access to computer servers and writing some of the disinformation messages, while Kashian is charged with running the network of computers that carried out the operation.

On the day after the election, the pair allegedly also tried to break into the computer network of a company that provides content management systems to many U.S. news organizations, in an attempt to spread more disinformation. However, officials said, that attempt was unsuccessful because the FBI had already warned the firm about the alleged hackers’ previous entry into their system.

Officials said the two men worked for an Iran-based company formerly known as Eeleyanet Gostar, which is now called Emennet Pasargad. U.S. officials said the company is known to have provided services to the Iranian government and changed its name largely to try to avoid U.S. sanctions imposed for prior cyberattacks.

After the Justice Department announced the indictment, U.S. officials said the government was imposing sanctions against six people tied to the Iranian company.

The indictment does not allege that the hacking and disinformation campaign was directed by the Iranian government. But the sanctions announcement by the Treasury Department said the hackers were “state-sponsored,” an accusation echoed by Secretary of State Antony Blinken.

“State-sponsored actors, including Iranian groups, have engaged in covert and deceptive activities to disseminate disinformation through websites and social media designed to undermine Americans’ faith in U.S. elections,” Blinken said, adding that the U.S. government’s actions demonstrate “that we will hold state-sponsored actors to account for attempting to undermine public confidence in the electoral process and U.S. institutions.”

At the time U.S. officials first accused Iran of the hacking and disinformation efforts, Iranian officials denied any involvement, calling them “baseless accusations.”

Justice Department officials said the two men charged Thursday are believed to be in Iran, which makes it unlikely they will be brought to a U.S. courtroom anytime soon.

The initial U.S. response to the disinformation campaign was noteworthy because of how quickly officials publicly identified the country they deemed responsible. Officials in Washington were also quick to disclose that U.S. Cyber Command and the National Security Agency took actions to stymie the Iranian efforts - moving with urgency to show that the federal government would act more quickly than it did in 2016 to combat foreign election interference.

At the time, officials also made clear that they had good visibility into what the Iranian hackers were trying to do even before the disinformation campaign began.

The point of those efforts, officials said at the time, was to inoculate and educate voters against disinformation and give the public confidence in the election’s integrity.

On Thursday, officials cautioned that foreign adversaries try to tailor disinformation campaigns to issues that already resonate with Americans, and promote accusations and suspicions that citizens are likely to believe.