Threat Actors From Russia and Iran Obtained Voter Data To Conduct Election Interference; Some Americans Are Receiving Intimidating Spoofed Emails

by | Oct 27, 2020

Election interference was one of the biggest topics surrounding the 2016 US election, and one that dragged on into the 2020 campaign. While much of the concern during that time was about Russia having a substantial impact on election results, cybersecurity professionals have warned that Iran and China are also attempting to meddle. Director of National Intelligence John Ratcliffe has issued a statement that threat actors working from these nations have likely obtained US voter data, and that Iran has used that data to attempt to undermine the election with a direct campaign of spoofed emails.

Use of voter data for direct emails represents an escalation

Both Ratcliffe and FBI director John Wray made statements indicating that Russia and Iran were in possession of some amount of US voter data, though there was no further information on exactly how much or how it was obtained. Voter records that contain names and addresses are public, though email addresses are generally not included with these public-facing records. It is possible that the threat actors simply scraped the available public information and matched it up with public email listings from other sources.

Whatever the case, Ratcliffe identified Iran specifically as having sent spoofed emails to Americans. The election interference emails were sent almost exclusively to registered Democratic voters, and purported to be from the right-wing organization Proud Boys (going so far as to spoof a domain that the organization has registered). The mass emails warned recipients that “You will vote for Trump on Election Day or we will come after you” and are believed to have been sent to voters in four states: Florida, Pennsylvania, Alaska and Arizona. Florida and Pennsylvania are key “swing states” that have a strong bearing on the election winner. It is unclear exactly how many of these emails were sent, but Google indicated in a statement that it had seen about 25,000 pass through Gmail and that its spam filters had automatically stopped about 90% of these.

Enrique Tarrio, the chairman of the Proud Boys, denied that the group was behind the threatening emails or involved in election interference in a statement to the Washington Post. Tarrio said that the spoofed domain was in the process of being transferred and that the group had let development on that particular site lapse. The Proud Boys have been invoked by Democratic candidate Joe Biden as an example of an extremist group that supports Donald Trump.

Democrats in the federal government took issue with Ratcliffe’s claim that Iran was behind the voter data attack and attempting to harm Trump, but political observers have noted for some time that the country’s government is likely to support a change of administration in America. Iran is thought to favor Biden in the hopes of rekindling the nuclear deal initiated under the Obama administration and getting crippling sanctions lifted. It is also possible that the Iranian regime is looking to sow as much discord in the US as possible.

Ongoing and expected election interference

The directors were not specific about what (if anything) the Russians had done with the voter data, but election interference from that part of the world has long been expected given how active the country was during the 2016 contest. The GRU military intelligence agency was able to penetrate several state election boards that year, obtaining voter data for millions of Americans in several different states. Some figures in the federal government, such as former Senator Harry Reid, believed that Russian hackers were also able to penetrate voting systems though there is still no clear evidence to indicate that vote tallies were altered.

Republican Marco Rubio of Florida and Democrat Mark Warner of Virginia, the ranking members of the Senate Select Committee on Intelligence, issued a bipartisan statement intended to reassure US citizens that voter data was secure from tampering and that the 2020 election would be free and fair. Wray also vowed that “appropriate actions” would be taken against any foreign actors caught engaging in election interference.

Expert observers tend to believe that Russia’s attempts at election interference will come late in the process, and that the country’s potent hacking operations will focus on penetrating US infrastructure rather than abusing voter data in an attempt to communicate false information. Russia is believed to have a preference for Trump dating back to 2016, owing to a more hardline policy against the country among Democrats and specifically the policies on Ukraine that the Obama administration adopted. China has also been expected to be an election interference player, though the country has been quiet thus far. Beijing would appear to prefer a Biden victory in the expectation that it would lead to more favorable US foreign policy and a re-establishment of normal dialogue between the two countries.

Recent Posts

How can we help?

9 + 15 =

× How can I help you?