By Mark Hosenball
WASHINGTON, Dec 23 (Reuters) – U.S. security agencies said on Wednesday they had highly credible information indicating that Iranian cyber actors were responsible for creating a website earlier this month featuring death threats aimed at U.S. election officials.
The Federal Bureau of Investigation and the Homeland Security Department’s Cyber and Infrastructure Security Agency said in a statement that the Enemies of the People website, which surfaced after the U.S. election but now appears dormant, demonstrated “an ongoing Iranian intent to create divisions and mistrust in the United States and undermine public confidence in the U.S. electoral process.”
The agencies said they had previously warned that “Iranian cyber actors” likely were keen to influence and interfere with the 2020 U.S. election.
“Iran is not involved in inciting violence and creating unrest in the United States,” Alireza Miryousefi, a spokesman for Iran‘s UN mission, said in an email to Reuters.
“Iran itself is the largest victim of cyber attacks, including Stuxnet, and has always emphasized the need for the establishment of a global mechanism to prevent cyber-attacks at the United Nations, and at other international institutions.”
The alleged Iranian-created website accused U.S. officials involved in election security of “treason.”
The site, along with several associated social media accounts, included photographs of Republican and Democratic officials, with rifle crosshairs superimposed on them. It also included officials’ purported home addresses.
Those targeted by the website included FBI director Christopher Wray and Christopher Krebs, the former CISA director who was fired by President Donald Trump after publicly vouching for 2020 election results showing Joe Biden defeated Trump.
The site also targeted several employees of Dominion Voting Systems, a voting-machine vendor that has been the subject of unsubstantiated conspiracy theories of vote manipulation.
A Dominion spokeswoman said those false claims have resulted in dangerous threats to the company and its workers.
Internet records hid the identity of whoever set up the site. Cybersecurity researchers said one of the pages was hosted in Russia, and some records include accounts registered through Yandex, a Russian email platform. But experts said such links did not prove any Russian government connection to the website.
(Reporting by Mark Hosenball; Editing by Howard Goller and Stephen Coates)