The FBI and the Cybersecurity and Infrastructure Security Agency both issued advisories Friday warning that Iran is spreading propaganda and targeting U.S. state websites, including election sites, in “an intentional effort to influence and interfere with the 2020 U.S. presidential election.”
The FBI sent a FLASH bulletin to various states, saying an Iranian group is “creating fictitious media sites and spoofing legitimate media sites to spread anti-American propaganda and misinformation about voter suppression.” It added, “This group has been linked to efforts to disseminate a propaganda video concerning voter fraud and hacking of U.S. voter information. The FBI advises this video is almost certainly intended to make U.S. voter information and the voting process appear insecure and susceptible to fraud.”
The CISA advisory went further, stating that the Iranian hackers have also “successfully obtained voter registration data in at least one state.” The agency did not disclose which state.
Both the FBI and CISA confirmed that “a review of the records that were copied and obtained reveals the information was used in the propaganda video.”
There is no indication that any voter registration databases have been manipulated or any votes have been changed.
The news comes after FBI Director Christopher Wray and National Intelligence Director John Ratcliffe alleged in a press conference last week that Iran and Russia had hacked local governments and obtained voter registration and other personal data. Iran used the data, the officials claimed, for a recent campaign of emails that purported to be from the white nationalist group the Proud Boys, which were sent to intimidate Florida Democratic voters.
Both countries have denied the accusation.
U.S. intelligence officials also believe Iranian hackers probed election-related websites of 10 states and, in one case, accessed voter registration data, a source familiar with the matter told NBC News on Friday. The hackers scanned state and local websites at the end of September, then attempted to exploit the websites and steal voter data, the source said. The states were not named.
FBI and Department of Homeland Security officials briefed local election officials on the attempt during a conference call and assured them that the agencies will be coordinating with states to address the issue. DHS did not immediately respond to a request for comment.
DHS officials have stressed that these hacks did not grant attackers access that could affect the integrity of the vote. But there have long been fears that foreign hackers could tamper with voter rolls in a way that makes it harder for people to vote when they show up on Election Day.
American voters' data is, on the whole, already public and widely available. Though laws vary by state, some make the list available to anyone who requests and some just to political parties; some require requesters to be researchers or to work in politics; some charge a fee. Some lists are simply available to download from a state website at any time. But all 50 states and Washington, D.C., have at least some way to make access easy for requesters, according to the National Conference of State Legislatures.