US Indicts Iranian Nationals for Cyber-Enabled Election InterferenceUS Indicts Iranian Nationals for Cyber-Enabled Election Interference
Among other things, the pair pretended to be Proud Boys volunteers and sent in a fake video and emails to Republican lawmakers purporting to show Democratic Party attempts to subvert the 2020 presidential elections.
November 19, 2021
The US this week handed down indictments against two Iranian nationals for election interference and intimidation in the latest indication that Russian actors are not the only ones behind cyber-enabled disinformation campaigns.
Mohammad Hosein Musa Kazemi, aka Hosein Zamani, 24, and Sajjad Kashian, aka Kiarash Nabavi, 27, both of Iran, were charged in a federal court in New York Thursday for allegedly illegally accessing confidential US voter information from at least one state election website. Other charges against them include allegedly sending threatening email messages to voters in an apparent bid to intimidate them; creating and distributing video containing false information about vulnerabilities in the election infrastructure; and accessing a media company's network and attempting to use it to spread false information. In addition, Kazemi and Zamani are accused of attempting to illegally access voting-relating websites of multiple states.
"This indictment details how two Iran-based actors waged a targeted, coordinated campaign to erode confidence in the integrity of the U.S. electoral system and to sow discord among Americans," Assistant Attorney General Matthew Olsen of the Justice Department’s National Security Division said in a statement. "The allegations illustrate how foreign disinformation campaigns operate and seek to influence the American public."
The DoJ described Kazemi and Kashian as experienced Iranian hackers who worked for Emennet Pasargad, an Iran-based company that purportedly provides cybersecurity services. The firm is known to have provided service to the Iranian government and its 12-member Guardian Council, the DoJ said.
The indictment marks the second time this week when news has surfaced of non-Russian actors being involved in disinformation campaigns — particularly those related to elections. On Tuesday, researchers at Mandiant released a report that linked the government in Belarus to a long-running disinformation campaign in Europe called Ghostwriter that many had previously assumed was the handiwork of operatives working for Russia's foreign intelligence service. Mandiant's investigation showed that the disinformation campaign was more aligned with Belarusian than Russian interests and that operatives of the threat group providing operational support to Ghostwriter were based in Minsk, not Moscow.
Russia has been the target of most accusations until now — by the US and other governments — regarding cyber-enabled election interference in recent years. But the news this week of Iranian and Belarusian actors being engaged in such activity would suggest that cyber missions to sow dissent and disinformation have spread beyond Russia.
Voter Website Hacked
According to the US DoJ, Kazemi and Kashian were part of a coordinated effort by Iranian actors to undermine trust and confidence in the 2020 presidential election. In September and October 2020, the two indicted individuals allegedly attempted to compromise some 11 state voter websites that included voter registration and voter information websites. One such effort resulted in the breach of one state voter website and the illegal downloading of information belonging to more than 100,000 registered voters.
In October 2020, Kazemi and Kashian with other conspirators claimed to be a group of volunteers associated with the far-right Proud Boys group. They sent messages and emails to Republican lawmakers and individuals associated with former President Trump's presidential campaign claiming to reveal a Democratic Party plan to exploit vulnerabilities in state voter registration websites to edit mail-in ballots and register nonexistent voters. They even sent in a video with a Proud Boys logo purporting to show an individual hacking into state voter websites and using stolen information to create fake absentee ballots — using the voter information they had previously accessed from one state website.
In the month before the election, the two Iranians and their unnamed conspirators allegedly sent threatening emails to tens of thousands of registered Democratic voters. The emails purported to be from the Proud Boys and threatened recipients with physical harm if they did not change party affiliations.
One day after the general election, the group for whom Kazemi and Kashian worked for allegedly attempted to take advantage of access they had previously gained on a media company's site to try and disseminate fake news regarding the elections. But the media company, acting on an FBI tip, had already mitigated the intrusion, the DoJ said.
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023