Iran Using Voter Data to Spoof Floridians, Warn U.S. Intelligence Leaders

Russia and Iran “have taken specific actions to influence public opinion related to our elections,” Director of National Intelligence John Ratcliffe said in a Wednesday evening press event notable for its short notice, the time of day, and the presence of several intelligence community leaders. 

Ratcliffe said that Iran and Russia obtained  information related to registered voters, but did not give details.

He also said Iran had sent “spoofed emails designed to intimidate” voters. On Tuesday, some Florida residents received threatening messages purporting to be from the Proud Boys right-wing extremist group and urging the recipients to vote for Donald Trump. 

Intelligence officials have determined that China and Iran favor Democratic candidate Joe Biden, where Russia favors President Donald Trump. In August, William Evanina, director of the United States National Counterintelligence and Security Center, told lawmakers that all three nations were seeking to interfere with the November election.

Just before Ratcliffe’s event, Sen. Marco Rubio, R-Florida, and Sen. Mark Warner, D-Virginia, the acting chairman and vice chairman of the Senate Intelligence Committee, sent a statement to reporters. “Our adversaries abroad seek to sow chaos and undermine voters’ belief in our democratic institutions, including the election systems and infrastructure that we rely on to record and properly report expressions of the voters’ will,” it said, in part. “As we enter the last weeks before the election, we urge every American – including members of the media – to be cautious about believing or spreading unverified, sensational claims related to votes and voting.”

At the event, FBI Director Chris Wray said actual voting systems remained secure. “You should be confident that your vote counts,” Wray said.

CORRECTION: The original headline atop this article incorrectly stated that U.S. intelligence leaders had said Russia and Iran "stole" voter information. It has been updated to report correctly the intelligence leaders' comments. 

In September, the FBI issued an alert that false claims of hacked voter information were likely intended to undermine the credibility of elections. The statement followed reports that information on 7.6 million Michigan voters had shown up on Russian hacker forums. "In reality, much U.S. voter information can be purchased or acquired through publicly available sources. While cyber actors have in recent years obtained voter registration information, the acquisition of this data did not impact the voting process or the integrity of election results," said the FBI statement. Also on Wednesday, NBC reported that cybersecurity firm Trustwave had found a hacker selling registration information on 186 million voters. Again, much of it was publically available. 

Dmitri Alperovitch, the co-founder and former CTO of cybersecurity company Crowdstrike, the firm that originally caught Russian actors on DNC networks in 2016, said "This Proud Boys spoofed email campaign in Florida that the US Government has just publicly attributed to Iran is probably the fastest ever public disclosure of attribution intelligence ever made by the US. It took literally hours for press conference vs months/years in the past."

Officials across the intelligence community have also stressed that various parts of the federal government have improved their cooperative efforts to detect and act on election threats. Earlier in October, officials from the FBI, National Security Agency, and the Cybersecurity and Infrastructure Security Agency, or CISA, described their efforts at CISA’s annual conference. Every day, CISA Director Chris Krebs said, his agency captures 7.2 terabytes of infrastructure-related data, monitors some 3 million endpoints and receives 83 malware submissions a day. “That data is…incredibly rich,” Krebs said. 

David Imbordino, the NSA’s elections security lead, acknowledged that the “adversary landscape” is bigger this year than previously.

“We have the entirety of NSA focused on this as an issue.” Imbordino said that the U.S. responsive posture for election threats was also greatly improved. “It’s beyond government,” he said, noting that coordination among cybersecurity and other private businesses and government was also much better than in previous years. “That’s really, really key. This isn’t just a government effort...It isn’t just a pickup game.”

CORRECTION: The original headline atop this article incorrectly stated that U.S. intelligence leaders had said Russia and Iran "stole" voter information. It has been updated to report correctly the intelligence leaders' comments.