US officials accused Iran on Wednesday of being behind a flurry of emails sent to Democratic voters in multiple battleground states that appeared to be aimed at intimidating them into voting for President Donald Trump.
The officials did not lay out specific evidence for how they came to pinpoint Iran, but the activities attributed to Tehran would mark a significant escalation for a country some cybersecurity experts regard as a second-rate player in online espionage. The announcement was made at a hastily called news conference 13 days before the election.
The allegations underscored the US government's concern about efforts by foreign countries to influence the election by spreading false information meant to suppress voter turnout and undermine American confidence in the vote.
Such direct attempts to sway public opinion are more commonly associated with Moscow, which conducted a covert social media campaign in 2016 aimed at sowing discord and is again interfering this year, but the idea that Iran could be responsible suggested that those tactics have been adopted by other nations, too.
"These actions are desperate attempts by desperate adversaries," said John Ratcliffe, the government's national intelligence director, who, along with FBI Director Chris Wray, insisted the US would impose costs on foreign countries that interfere in the US election and that the integrity of the vote remains sound.
"You should be confident that your vote counts," Wray said. "Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism."
The two officials called out both Russia and Iran for having obtained voter registration information, though such data is sometimes easily accessible and there was no allegation either country had hacked a database for it. Iran sent spoofed emails designed to intimidate voters and sow unrest and also distributed a video that falsely suggested voters could cast fraudulent ballots from overseas, Ratcliffe said.
Wray and Ratcliffe did not describe the emails, but officials familiar with the matter said the U.S. has linked Tehran to messages sent to Democratic voters in at least four states, including battleground locations like Pennsylvania and Florida. The emails falsely purported to be from the far-right group Proud Boys and warned that “we will come after you” if the recipients didn’t vote for Trump.
Though Democratic voters were targeted, Ratcliffe said the spoofed emails were intended to harm Trump, though he did not elaborate how. One possibility is the messages may have been intended to align Trump in the minds of voters with the Proud Boys after he was criticised for failing to unequivocally denounce the group during the first presidential debate.
It would not be the first time that the Trump administration has said Tehran is working against the president.
An intelligence assessment in August said: "Iran seeks to undermine US democratic institutions, President Trump, and to divide the country in advance of the 2020 elections." It said the country would probably continue to focus on “spreading disinformation on social media and recirculating anti-U.S. content.”
Alireza Miryousefi, a spokesman for Iran’s mission to the United Nations, denied Tehran's involvement.
“Unlike the US, Iran does not interfere in other country’s elections,” Miryousefi wrote on Twitter. “The world has been witnessing US′ own desperate public attempts to question the outcome of its own elections at the highest level.”
Trump, speaking at a rally in North Carolina, made no reference to the intelligence announcement, but repeated a familiar campaign assertion that Iran is opposed to his reelection. He promised that if he wins another term he will reach a new accord with Iran over its nuclear program.
“Iran doesn’t want to let me win. China doesn’t want to let me win,” Trump said. “The first call I’ll get after we win, the first call I’ll get will be from Iran saying let’s make a deal.”
House Speaker Nancy Pelosi and Rep. Adam Schiff, Democratic chairman of the House intelligence committee, said the “disturbing” threats cut to the heart of the right to vote.
“We cannot allow voter intimidation or interference efforts, either foreign or domestic, to silence voters’ voices and take away that right,” the they said in a statement.
While state-backed Russian hackers are known to have infiltrated US election infrastructure in 2016, there is no evidence that Iran has ever done so. It was also not clear how officials were able to identify Iran so quickly.
The operation represented something of a departure in cyber-ops for Iran, which sought for the first time on record to undermine voter confidence. Iran’s previous operations have been mostly propaganda and espionage.
A top cyberthreat analyst, John Hultquist of FireEye, said the development marked "a fundamental shift in our understanding of Iran’s willingness to interfere in the democratic process. While many of their operations have been focused on promoting propaganda in pursuit of Iran’s interests, this incident is clearly aimed at undermining voter confidence."
The voter intimidation operation apparently used email addresses obtained from state voter registration lists, which include party affiliation and home addresses and can include email addresses and phone numbers.
Those addresses were then used in an apparently widespread targeted spamming operation. The senders claimed they would know which candidate the recipient was voting for in the Nov. 3 election, for which early voting is ongoing.
Asked about the emails during an online forum earlier Wednesday, Pennsylvania Secretary of State Kathy Boockvar said she lacked specifics. “I am aware that they were sent to voters in multiple swing states and we are working closely with the attorney general on these types of things and others,” she said.
Federal officials have long warned about the possibility of this type of operation, as such registration lists are not difficult to obtain.
“These emails are meant to intimidate and undermine American voters’ confidence in our elections,” Christopher Krebs, the top election security official at the Department of Homeland Security, tweeted Tuesday night after reports of the emails first surfaced.