WASHINGTON — The Justice Department indicted two Iranian hackers on Thursday for seeking to influence the 2020 election with a clumsy effort to intimidate voters, just a day after the nation’s cyberdefense authorities warned of an escalating Iranian effort to insert malicious code into the computer networks of hospitals and other critical infrastructure.
According to a New York grand jury indictment, Seyyed Kazemi (24 years old) and Sajjad Kashian (27 years old) were accused of sending threatening messages and hacking into several thousand voters. They also broke into at least one media company and some voter registration systems. Many of the messages sent to Iranians appeared to be from the Proud Boys, a right-wing extremist group.
Officials from law enforcement claimed that Facebook messages and emails sent by the Iranians to Republicans falsely claimed that the Democrats planned to exploit security flaws in state voter databases to register voters who are not there. The hackers also sent thousands of emails to Democrats. They demanded that recipients change their party affiliation to vote for Donald J. Trump.
The emails were so badly written, however, that they immediately seemed suspect, and the effort was quickly exposed by Mr. Trump’s own administration. Officials in intelligence have always considered the emails to Democrats to just be a bit of reverse psychology meant to make the recipients more likely not to vote for Mr. Trump.
Thursday’s revelations by law enforcement officials also revealed that Iranians had hacked a media company that provides content management systems for dozens more newspapers. Officials did not reveal the identity of the company.
Officials from law enforcement said that if they had kept access, they might have been in a position to post fake stories to undermine elections. But the F.B.I. The F.B.I. discovered the intrusion and notified company. When the Iranians attempted to enter the system, the day after the election, the company discovered that their access was blocked.
The timing of the indictment seemed coincidental. It was announced after Cybersecurity and Infrastructure Security Agency, part of Department of Homeland Security, issued Wednesday a bulletin warning of a large-scale, state-sponsored Iranian campaign of hacking into American computer networks and hospitals. The warning was rare: Australia and Britain’s governments issued it. He also participated in the issuing of it and stated that a number ransomware attack were being planned by the Iranian government and not just criminal groups.
Together, the indictment as well as the warning indicate that the Iranian government is expanding its offensive cyber units and learning from techniques from Russia. The warning did not identify which American hospitals or transportation systems were at the center of Iranian attacks.
“Our intelligence officials have continually warned that other countries would seek to follow Russia’s 2016 playbook,’’ Senator Mark Warner, the Virginia Democrat and chairman of the Senate Intelligence Committee, said in a statement after the indictment was announced. “Today’s charges and sanctions against several Iranians believed to be behind a cyber campaign to intimidate and influence American voters in the 2020 election are further evidence that attempts to interfere in our elections will continue, and we must all be on guard against them.”
The indictment on Thursday did not state that the two men were working with the Iranian government. They were instead employed by a cybersecurity firm, which claims to do defense work for Iran’s government. But U.S. officials have long contended that several such companies focus on offensive cyber activities — from theft of data to sabotaging of networks, often directed at the U.S.
In the election case, previously declassified intelligence reports have linked the efforts to Tehran’s government ministries, and suggested that Iran was attempting to use variations of the playbook designed by Russia in its efforts to influence The 2016 election.
In 2016, and 2020, intelligence officials concluded that Russia tried to influence the election in order to benefit Mr. Trump. And while Thursday’s indictment did not specify the goal of the Iranian hackers — beyond sowing divisions among Americans — intelligence officials have repeatedly said that Iranian influence efforts were aimed at hurting Mr. Trump’s re-election efforts.
“This indictment details how two Iran-based actors waged a targeted, coordinated campaign to erode confidence in the integrity of the U.S. electoral system and to sow discord among Americans,” Matthew G. Olsen, who recently took over as head of the National Security Division of the Justice Department, said. “The allegations illustrate how foreign disinformation campaigns operate and seek to influence the American public.”
Officials claimed that the Treasury Department would impose the sanctions. Reward schemes would be established for information that would allow the U.S. government to arrest the indicted hackers. The men are still in Iran and officials can only hope to get them arrested.
In a speech earlier this week, Gen. Paul M. Nakasone, the head of U.S. Cyber Command and director of the National Security Agency, said one of the main lessons of the government’s 2020 election defense efforts was that multiple foreign governments had tried to influence the outcome.
Officials from intelligence have stated that Russia, Iran, China and China made the largest efforts to influence American politics in 2020. However Cuba also used narratives to denigrate President Trump, according to a March intelligence report.
“What did we learn? We had more adversaries. We had more committed adversaries,” General Nakasone said.
Other intelligence officials have noted that Russia appeared to hold back from the kind of tactics it used in 2016; instead, the SVR, one of Russia’s premier intelligence agencies, focused on the SolarWinds infiltration, altering a type of software used by thousands of companies and government agencies. That gave them access to a far larger group of targets — a technique that China and other countries are also using.
Source: NY Times