An indictment was unsealed in New York today charging two Iranian nationals for their involvement in a cyber-enabled campaign to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord, in connection with the 2020 U.S. presidential election.
According to court documents, Seyyed Mohammad Hosein Musa Kazemi (سید محمد حسین موسی کاظمی), aka Mohammad Hosein Musa Kazem, aka Hosein Zamani, 24, and Sajjad Kashian (سجاد کاشیان), aka Kiarash Nabavi, 27, both of Iran, obtained confidential U.S. voter information from at least one state election website; sent threatening email messages to intimidate and interfere with voters; created and disseminated a video containing disinformation about purported election infrastructure vulnerabilities; attempted to access, without authorization, several states’ voting-related websites; and successfully gained unauthorized access to a U.S. media company’s computer network that, if not for successful FBI and victim company efforts to mitigate, would have provided the conspirators another vehicle to disseminate false claims after the election.
“This indictment details how two Iran-based actors waged a targeted, coordinated campaign to erode confidence in the integrity of the U.S. electoral system and to sow discord among Americans,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “The allegations illustrate how foreign disinformation campaigns operate and seek to influence the American public. The Department is committed to exposing and disrupting malign foreign influence efforts using all available tools, including criminal charges.”
“As alleged, Kazemi and Kashian were part of a coordinated conspiracy in which Iranian hackers sought to undermine faith and confidence in the U.S. presidential election,” said U.S. Attorney Damian Williams for the Southern District of New York. “Working with others, Kazemi and Kashian accessed voter information from at least one state’s voter database, threatened U.S. voters via email, and even disseminated a fictitious video that purported to depict actors fabricating overseas ballots. The United States will never tolerate any foreign actors’ attempts to undermine our free and democratic elections. As a result of the charges unsealed today, and the concurrent efforts of our U.S. government partners, Kazemi and Kashian will forever look over their shoulders as we strive to bring them to justice.”
“The FBI remains committed to countering malicious cyber activity targeting our democratic process,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “Working rapidly with our private sector and U.S. government partners and ahead of the election, we were able to disrupt and mitigate this malicious activity – and then to enable today’s joint, sequenced operations against the adversary. Today’s announcement shows what we can accomplish as a community and a country when we work together, and the FBI will continue to do its part to keep our democracy safe.”
According to the allegations contained in the indictment unsealed today:
The Voter Intimidation and Influence Campaign
Starting in approximately August 2020, and proceeding until November 2020, Kazemi, Kashian, and other co-conspirators began a coordinated, campaign to undermine faith and confidence in the 2020 presidential election (the “Voter Intimidation and Influence Campaign”) and otherwise sow discord within U.S. society. The Campaign had four components:
Background on Kazemi and Kashian
Kazemi and Kashian are experienced Iran-based computer hackers who worked as contractors for an Iran-based company formerly known as Eeleyanet Gostar, and now known as Emennet Pasargad. Eeleyanet Gostar purported to provide cybersecurity services within Iran. Among other things, Eeleyanet Gostar is known to have provided services to the Iranian government, including to the Guardian Council.
As part of his role in the Voter Intimidation and Influence Campaign, Kazemi compromised computer servers that were used to send the Voter Threat Emails, drafted those emails, and compromised the systems of Media Company-1. Kashian managed the conspirators’ computer infrastructure used to carry out the Voter Threat Emails campaign and he purchased social media accounts in furtherance of the Voter Intimidation and Influence Campaign.
Kazemi and Kashian are both charged with one count of conspiracy to commit computer fraud and abuse, intimidate voters, and transmit interstate threats, which carries a maximum sentence of five years in prison; one count of voter intimidation, which carries a maximum sentence of one year in prison; and one count of transmission of interstate threats, which carries a maximum sentence of five years in prison. Kazemi is additionally charged with one count of unauthorized computer intrusion, which carries a maximum sentence of five years in prison; and one count of computer fraud, namely, knowingly damaging a protected computer, which carries a maximum sentence of 10 years in prison. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Concurrent with the unsealing of the indictment, the Department of the Treasury Office of Foreign Assets Control (OFAC) designated Emennet Pasargad, Kazemi, Kashian, and four other Iranian nationals comprising Emennet Pasargad leadership pursuant to Executive Order 13848, “Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election.” Additionally, the Department of State’s Rewards for Justice Program, is offering a reward of up to $10 million for information on or about the Kazemi and Kashian’s activities.
The FBI’s Cyber Division and Cleveland Field Office are investigating the case.
Assistant U.S. Attorneys Dina McLeod and Louis A. Pellegrino and Trial Attorney Adam Small of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case.
An indictment is merely an allegation, and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
 In actuality, the computer intrusions depicted in the False Election Video were simulated intrusions created by members of the conspiracy using their own server and data obtained during the State-1 exploitation. Further, the FVAP could not actually be leveraged in the manner implied by the False Election Video.