Advertisement

Iran is likely to try to directly contact Americans in influence campaign in coming weeks, sources say

2
Kevin Collier and Dan De Luce
·4 min read
A person using their smartphone (Getty Images)
Iran has previously tried to contact people through emails and text messages.

U.S. officials expect that in the coming weeks, Iran is likely to contact individual Americans directly to try to influence how they vote, stir societal divide or incite violence, according to three sources with knowledge of U.S. intelligence reporting on the issue.

While it’s unclear exactly what such an operation would entail, or even if it has already begun, the governments of the U.S., Sweden and Israel have all accused Iran of sending threatening and intimidating emails and text messages to their citizens in recent years. The U.S. intelligence community noted this month that Iranian hackers appear to have gained access to some Americans’ voting records, as they did in 2020.

“You don’t have to read the tea leaves to know this is a possible tactic. They have a clear history of using it,” said John Hultquist, lead analyst at Google’s Threat Intelligence Group.

ADVERTISEMENT

Last week, U.S. intelligence officials told reporters that both Iran and Russia were continuing propaganda operations to influence American voters and society. Russia would prefer former President Donald Trump to win, while Iran would prefer him to lose, but both countries aim to foment distrust in democracy and may try to incite violence in the U.S. before or after the election, the officials said.

Two ongoing cyber influence operations this election cycle that the U.S. government and cybersecurity companies have attributed to Iran — a hack-and-leak operation to steal and disseminate campaign material from Trump’s campaign and a series of fake American news websites — have failed to gain traction. A spokesperson for Iran’s mission to the United Nations didn’t respond to a request for comment, but officials for Tehran have routinely denied American accusations of election influence campaigns.

“There are two different goals that Iranian actors can have in direct outreach,” Max Lesser, a senior analyst at the nonprofit Foundation for Defense of Democracies, told NBC News. “One is just sending the message directly to their intended audience. Obviously, that’s much more direct and arguably efficient than creating a fake website or creating a botnet on social media, a lot of which we’ve seen not get a lot of engagement.”

“Secondly, they could also try and incite people to engage in physical information operations, be that vandalism, graffiti, things like that,” he said.

A partially redacted intelligence memo from Oct. 8, which the U.S. declassified last week, details two ways that Iranian military intelligence may have gotten additional personal details on American voters.

“As of August 2023, Islamic Revolutionary Guard Corps (IRGC) [redacted] actors were aware of unspecified information on US voters in unnamed states available for download on a leak website, which, if acquired, could be used to target voters with disinformation,” the memo says.

“As of February, IRGC [redacted] cyber actors had accessed a network domain associated with a US state government’s division of elections and probably obtained data on voter registration and on whether or not some of the registered individuals voted, [redacted],” it says.

In the leadup to the 2020 election, U.S. officials announced that Iran was behind an ambitious effort to sow election discord. According to a Justice Department indictment a year later, employees of an Iranian government-tied tech firm acquired some U.S. voter information and sent threatening emails to registered Democrats in Florida, purporting to be from the pro-Trump militia group the Proud Boys. Google said at the time that the hackers had sent around 25,000 such emails through Gmail, but around 90% of those were caught in spam filters.

Last month, Israel accused Iran and Hezbollah of hacking into a commercial messaging service to send 5 million intimidating text messages to Israeli citizens. One of the texts read, “Take leave of your loved ones; but don’t worry. You’ll hug them in hell in a few hours,” the Israeli newspaper Haaretz reported.

In 2023, activists in Sweden burned copies of the Quran, prompting strong condemnation from several Muslim-majority countries. A hacktivist group calling itself Anzu Team appeared on Telegram, vowed revenge, defaced some websites and offered rewards for information on the whereabouts for people allegedly involved in the burnings.

“No governmental or private organization will be safe unless you extradite desecraters of the Holy Quran to Islamic society. Attacks will continue,” the group posted to its Telegram channel, which is still visible, though it has not posted since August of last year.

Soon after, around 15,000 Swedes received mysterious text messages calling for violent revenge. Last month, Swedish authorities announced they had concluded that Anzu Team was a front for the IRGC, which had sent the messages by breaking into a Swedish SMS service. Iran denied the accusation.

This article was originally published on NBCNews.com