A federal indictment unsealed Thursday accused two Iranian nationals of engaging in a sprawling effort to interfere in the 2020 U.S. elections — including by gaining access to confidential voter information from at least one state election website and attempting to access 11 states in total.
The defendants, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of computer fraud, voter intimidation and transmission of interstate threats for the activity, which occurred between August 2020 and November 2020.
Part of the campaign was allegedly sending emails to Democratic voters purportedly from the Proud Boys, a right wing nationalist hate group, demanding that they vote for former President Trump. That effort was quickly identified by journalists and the U.S. government as a likely Iranian interference effort.
The early reporting on the Proud Boys emails painted a picture of a crude campaign that was almost immediately unmasked. But Thursday’s indictment suggests a much more complex operation. Officials told reporters that registered Republicans and Democrats were sent a different sent of tailored messages.
Republican members of Congress, Trump White House advisers, people associated with the Trump campaign and members of the media were sent Facebook messages and emails alleging that the Democratic Party was planning to exploit “serious security vulnerabilities” in state voter registration systems to “edit mail-in ballots or even register non-existent voters,” the U.S. government alleges.
“Information operations like these are often geared towards dividing the electorate and fomenting conflict, as opposed to changing the minds of Americans as a whole,” a Department of Justice official said Thursday.
Officials declined to name any of the states targeted in the operation. But initial reporting identified registered voters in Florida and Alaska as having received the purported Proud Boys emails. The hackers successfully exploited a misconfigured computer system of one of the states, allowing them to download information concerning more than 100,000 of that state’s voters that was not intended to be public.
In a statement provided to CyberScoop, Gail Fenumiai, Alaska’s Director of Elections, said her office’s “duty is to work with law enforcement whenever incidents arise. The division took this specific incident seriously and did just that.” Her office declined to elaborate.
Florida Secretary of State Laurel Lee told CyberScoop in a statement that the state has “been in contact with the FBI and Florida is not the state involved in this announcement. There has been no breach to Florida’s Voter Registration database or any other elections-related system.”
Thursday’s indictment also alleges the hackers obtained access to the computer network of an unnamed media company that provides content management systems for “dozens” of other newspapers and other publications. The hackers tested their ability to modify and create content on the company’s system ahead of the election, the indictment says, and attempted to gain access to the company’s system on Nov. 4, 2020. They were unsuccessful because the FBI had notified the company, which then blocked the hackers’ access.
The U.S. Treasury Department announced sanctions against six Iranians and one Iranian company shortly after the charges were unsealed. The two suspects indicted Thursday were among them.
The two men worked for an Iranian cyber company called Emennet Pasargad, which had been previously sanctioned by the U.S. government under its former name, Net Peygard Samavat Company, for prior work with the Islamic Revolutionary Guard Corps-Electronic Warfare and Cyber Defense Organization.
The company’s manager, Mohammed Bagher Shirinkar, who had also previously been sanctioned, faces new sanctions, along with three people who serve on the company’s board of directors.