The threatening emails officials did not lay out specific evidence for how they came to pinpoint Iran, but the activities attributed to Tehran would mark a significant escalation for a country some cybersecurity experts regard as a second-rate player in online espionage. The announcement was made late Wednesday at a hastily called news conference 13 days before the election.
The allegations underscored the U.S. government’s concern about efforts by foreign countries to influence the election by spreading false information meant to suppress voter turnout and undermine American confidence in the vote. Such direct attempts to sway public opinion are more commonly associated with Moscow, which conducted a covert social media campaign in 2016 aimed at sowing discord and is again interfering this year, but the idea that Iran could be responsible suggested that those tactics have been adopted by other nations, too.
» MORE: Twitter removes dozens of fake pro-Trump accounts
“These actions are desperate attempts by desperate adversaries,” said Ratcliffe, who, along with FBI Director Christopher Wray, insisted that the U.S. would impose costs on any foreign countries that interfere in the 2020 U.S. election and that the integrity of the vote remains sound.
“You should be confident that your vote counts,” Wray said. “Early, unverified claims to the contrary should be viewed with a healthy dose of skepticism.”
» MORE: Mike Tyson will vote for first time in 2020 election
The two officials called out Russia and Iran for having obtained voter registration information, though such data is sometimes easily accessible and there was no allegation either country had hacked a database for it or had altered any vote tallies. Iran sent spoofed emails designed to intimidate voters and sow unrest and also distributed a video that falsely suggested voters could cast fraudulent ballots from overseas, Ratcliffe said.
Wray and Ratcliffe did not describe the emails linked to Iran, but officials familiar with the matter said the U.S. has linked Tehran to messages that Democratic voters in multiple states, including Alaska and battleground locations like Florida, have received. The emails falsely purported to be from the far-right group Proud Boys and warned that “we will come after you” if the recipients didn’t vote for Trump. A security researcher who examined dozens of the emails
It would not be the first time that the Trump administration has said Tehran is working against the Republican president.
An intelligence assessment released in August said: “Iran seeks to undermine U.S. democratic institutions, President Trump, and to divide the country in advance of the 2020 elections.” It said the country would probably continue to focus on “spreading disinformation on social media and recirculating anti-U.S. content.”
» MORE: Under new law, protesters convicted in Tennessee will lose right to vote
A spokesman for Iran’s mission to the United Nations, Alireza Miryousefi, denied Tehran had anything to do with the alleged voter intimidation.
“Unlike the U.S., Iran does not interfere in other country’s elections,” Miryousefi wrote on Twitter. “The world has been witnessing U.S.' own desperate public attempts to question the outcome of its own elections at the highest level.”
Iran’s Foreign Ministry summoned the Swiss ambassador on Thursday over the allegations. The Swiss Embassy has overseen America’s interests in Tehran since the aftermath of the 1979 hostage crisis.
“The Islamic Republic of Iran, while rejecting the allegations and the fake reports, again emphasizes that there’s no difference for Tehran which candidate goes to the White House,” the ministry said in a statement.
Trump, speaking at a rally in North Carolina, made no reference to the announcement, but he repeated a familiar campaign assertion that Iran is opposed to his reelection. He promised that if he wins another term he will swiftly reach a new accord with Iran over its nuclear program.
“Iran doesn’t want to let me win. China doesn’t want to let me win,” Trump said. “The first call I’ll get after we win, the first call I’ll get will be from Iran saying, ‘Let’s make a deal.’”
House Speaker Nancy Pelosi and Rep. Adam Schiff, the Democratic chairman of the House intelligence committee, said the “disturbing” threats cut to the heart of the right to vote.
“We cannot allow voter intimidation or interference efforts, either foreign or domestic, to silence voters' voices and take away that right,” they said in a statement.
While state-backed Russian hackers are known to have infiltrated U.S. election infrastructure in 2016, there is no evidence that Iran has ever done so, and it was not clear how officials were able to identify Iran so quickly.
The operation represented something of a departure in cyber-ops for Iran, which sought for the first time on record to undermine voter confidence. Iran’s previous operations have been mostly propaganda and espionage.
A top cyberthreat analyst, John Hultquist of FireEye, said the striking development marked “a fundamental shift in our understanding of Iran’s willingness to interfere in the democratic process. While many of their operations have been focused on promoting propaganda in pursuit of Iran’s interests, this incident is clearly aimed at undermining voter confidence.”
The voter intimidation operation apparently used email addresses obtained from state voter registration lists, which include party affiliation and home addresses and can include email addresses and phone numbers. Those addresses were then used in an apparently widespread targeted spamming operation. The senders claimed they would know which candidate the recipient was voting for in the Nov. 3 election, for which early voting is ongoing.
Federal officials have long warned about the possibility of this type of operation, as such registration lists are not difficult to obtain.
“These emails are meant to intimidate and undermine American voters' confidence in our elections,” Christopher Krebs, the top election security official at the Department of Homeland Security, tweeted Tuesday night after reports of the emails first surfaced.