Iranian hackers are targeting state election websites, voter data

A voter arrives to drop off he ballot during early voting in Allentown, Pennsylvania on October 29, 2020.

Angela Weiss | AFP | Getty Images

Iranian hackers have been targeting U.S. state government websites in “an intentional effort to influence and interfere with the 2020 U.S. presidential election,” according to an investigation by the FBI and the Cybersecurity & Infrastructure Security Agency (CISA).

The hackers have “successfully obtained voter registration data in at least one state,” the FBI and CISA advisory report published Friday said.

The FBI released its own flash bulletin in coordination with CISA and the Department of Homeland Security alleging that Iranian “advanced persistent threat” actors “are creating fictitious media sites and spoofing legitimate media sites to spread anti-American propaganda and misinformation about voter suppression.”

The news comes just three days before the U.S. presidential election, which is on track to see the largest voter turnout in U.S. history, and just over a week after similar reports by American intelligence officials of election interference by Iranian and Russian actors.

Officials have issued repeated warnings about election interference from hostile actors as incumbent Trump battles for a second term against Democratic nominee and former Vice President Joe Biden.

“The FBI has information indicating this Iran-based actor attempted to access PDF documents from state voter sites using advanced open-source queries,” the report wrote. “The actor demonstrated interest in PDFs hosted on URLs with the words ‘vote’ or ‘voter’ and ‘registration.'”

There is as of yet no evidence that any votes have been changed or that voter databases have been manipulated.

“The access of voter registration data appeared to involve the abuse of website misconfigurations and a scripted process … to iterate through voter records. A review of the records that were copied and obtained reveals the information was used in the propaganda video,” the CISA report continued, referencing a disinformation video that was distributed to give the impression that people could cast fraudulent ballots, even from overseas.

“This video and any claims about such allegedly fraudulent ballots are not true,” Director of National Intelligence John Ratcliffe said during a press conference on October 21.

Not all of the patterns of intrusion into election sites can be definitively attributed to Iranian actors, the FBI and CISA said. “Analysis of identified activity against state websites, including state election websites, referenced in this product cannot all be fully attributed to this Iranian APT actor,” the CISA report wrote.

Iran’s Foreign Ministry did not immediately reply to a request for comment.

The lead-up to the 2020 election has been wrought with controversy and disagreement over voting methods during the coronavirus pandemic, with President Donald Trump and some Republican lawmakers disputing the legitimacy or security of mail-in voting. In some states, ballots cast by mail-in and early voting have already surpassed the total number of ballots cast in the 2016 presidential election.

Senators Mark Warner (D-VA) and Marco Rubio (R-FL) released a statement in late October warning about threats to America’s institutions by U.S. adversaries, writing on Twitter: “We urge every American – including members of the media – to be cautious about believing or spreading unverified, sensational claims related to votes and voting.”