BOSTON — U.S. officials accused Iran on Wednesday of being behind a flurry of emails sent to Democratic voters in multiple battleground states that appeared to be aimed at intimidating them into voting for President Donald Trump.
The officials did not lay out specific evidence for how they came to pinpoint Iran, but the activities attributed to Tehran would mark a significant escalation for a country some cybersecurity experts regard as a second-rate player in online espionage. The announcement was made at a hastily called news conference 13 days before the election.
The allegations underscored the U.S. government's concern about efforts by foreign countries to influence the election by spreading false information meant to suppress voter turnout and undermine American confidence in the vote. Such direct attempts to sway public opinion are more commonly associated with Moscow, which conducted a covert social media campaign in 2016 aimed at sowing discord and is again interfering this year, but the idea that Iran could be responsible suggested that those tactics have been adopted by other nations, too.
“These actions are desperate attempts by desperate adversaries,” said John Ratcliffe, the government's top intelligence official, who, along with FBI Director Chris Wray, insisted the U.S. would impose costs on any foreign countries that interfere in the 2020 U.S. election and that the integrity of the election is still sound.
“You should be confident that your vote counts,” Wray said. “Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism.”
The two officials called out both Russia and Iran for having obtained voter registration information, though such data is sometimes easily accessible and there was no allegation either country had hacked a database for it. Iran used the information to push out spoofed emails, officials said, and also created a video that Ratcliffe said falsely suggested that voters could cast fraudulent ballots from overseas.
Wray and Ratcliffe did not describe the emails linked to Iran, but officials familiar with the matter said the U.S. has linked Tehran to messages sent to Democratic voters in at least four states, including battleground locations like Pennsylvania, Florida and Arizona. The emails falsely purported to be from the far-right group Proud Boys and warned that “we will come after you” if the recipients didn’t vote for Trump.
Though Democratic voters were targeted, Ratcliffe said the spoofed emails were intended to hurt Trump, though he did not elaborate on how. It would not be the first time that the Trump administration has said Tehran is working against the president.
An intelligence assessment released in August said: “Iran seeks to undermine U.S. democratic institutions, President Trump, and to divide the country in advance of the 2020 elections. Iran’s efforts along these lines probably will focus on online influence, such as spreading disinformation on social media and recirculating anti-U.S. content.”
Alireza Miryousefi, a spokesman for Iran’s mission to the United Nations, denied Tehran had anything to do with the alleged voter intimidation.
“Unlike the U.S., Iran does not interfere in other country’s elections,” Miryousefi wrote on Twitter. “The world has been witnessing U.S.′ own desperate public attempts to question the outcome of its own elections at the highest level.”
Trump, speaking at a rally in North Carolina, made no reference to the announcement, but repeated a familiar campaign assertion that Iran is opposed to his reelection. He promised that if he wins another term he will swiftly reach a new accord with Iran over its nuclear program.
“Iran doesn’t want to let me win. China doesn’t want to let me win,” Trump said. “The first call I’ll get after we win, the first call I’ll get will be from Iran saying let’s make a deal.”
Asked about the emails during an online forum earlier Wednesday, Pennsylvania Secretary of State Kathy Boockvar said she lacked specific information. “I am aware that they were sent to voters in multiple swing states and we are working closely with the attorney general on these types of things and others,” she said.
While state-backed Russian hackers are known to have infiltrated U.S. election infrastructure in 2016, there is no evidence that Iran has ever done so, and it was not clear how officials were able to identify Iran so quickly.
The operation represented something of a departure in cyber-ops for Iran, which sought for the first time on record to undermine voter confidence. Iran’s previous operations have been mostly propaganda and espionage.
A top cyberthreat analyst, John Hultquist of FireEye, said the striking development marked “a fundamental shift in our understanding of Iran’s willingness to interfere in the democratic process. While many of their operations have been focused on promoting propaganda in pursuit of Iran’s interests, this incident is clearly aimed at undermining voter confidence.”
The voter intimidation operation apparently used email addresses obtained from state voter registration lists, which include party affiliation and home addresses and can include email addresses and phone numbers. Those addresses were then used in an apparently widespread targeted spamming operation. The senders claimed they would know which candidate the recipient was voting for in the Nov. 3 election, for which early voting is ongoing.
Federal officials have long warned about the possibility of this type of operation, as such registration lists are not difficult to obtain.
“These emails are meant to intimidate and undermine American voters’ confidence in our elections,” Christopher Krebs, the top election security official at the Department of Homeland Security, tweeted Tuesday night after reports of the emails first surfaced.
_____
Bajak reported from Boston. Associated Press writers Christina A. Cassidy in Atlanta and Michael Balsamo, Colleen Long and Zeke Miller in Washington contributed to this report.