At a glance.
- US charges Iranians with election disinformation.
- Belarus may be behind Ghostwriter.
- Fearing the algorithm.
US charges two Iranians with crimes connected to election disinformation.
The US Attorney for the Southern District of New York today unsealed an indictment of two Iranian nationals, Musa Kazemi and Sajjad Kashian, on charges in connection with disinformation operations conducted during the last US election cycle.
U.S. Attorney Damian Williams said, “As alleged, Kazemi and Kashian were part of a coordinated conspiracy in which Iranian hackers sought to undermine faith and confidence in the U.S. Presidential elections. Working with others, Kazemi and Kashian accessed voter information from at least one state’s voter database, threatened U.S. voters via email, and even disseminated a fictitious video that purported to depict actors fabricating overseas ballots." Their evident goal was erosion of trust in US civil society.
Kazemi and Kashian are charged with one count of conspiracy (five years' maximum sentence), one count of voter intimidation (a maximum sentence of one year), and one count of transmission of interstate threats (which carries a maximum sentence of five years in prison). Mr. Kazemi also faces one count of unauthorized computer intrusion (with a maximum sentence of five years in prison) and one count of computer fraud: knowingly damaging a protected computer, (ten years' maximum sentence).
The campaign the two accused are charged with having operated had, the Justice Department says, four components:
- "In September and October 2020, members of the conspiracy conducted reconnaissance on, and attempted to compromise, approximately eleven state voter websites, including state voter registration websites and state voter information websites. Those efforts resulted in the successful exploitation of a misconfigured computer system of a particular U.S. state (“State-1”), and the resulting unauthorized downloading of more than 100,000 State-1 voters’ information.
- "In October 2020, members of the conspiracy, claiming to be a “group of Proud Boys volunteers,” sent Facebook messages and emails (the “False Election Messages”) to Republican Senators, Republican members of Congress, individuals associated with the Presidential campaign of Donald J. Trump, White House advisors, and members of the media. The False Election Messages claimed that the Democratic Party was planning to exploit “serious security vulnerabilities” in state voter registration websites to “edit mail-in ballots or even register non-existent voters.” The False Election Messages were accompanied by a video (the “False Election Video”) which purported, via simulated intrusions and the use of State-1 voter data, to depict an individual affiliated with the Proud Boys hacking into state voter websites and using stolen voter information to create fraudulent absentee ballots through the Federal Voting Assistance Program (“FVAP”) for military and overseas voters.[2]
- "Also in October 2020, the conspirators engaged in an online voter intimidation campaign involving the dissemination of a threatening message (the “Voter Threat Emails”), purporting to be from the Proud Boys, to tens of thousands of registered voters, including some voters whose information the conspiracy had obtained from State-1’s website. The emails were sent to registered Democrats, and threatened the recipients with physical injury if they did not change their party affiliation and vote for President Trump.
- "On November 4, 2020, the day after the 2020 U.S. Presidential election, the conspirators sought to leverage earlier September and October 2020 intrusions into an American media company’s (“Media Company-1”) computer networks. Specifically, on that day, the conspirators attempted to use stolen credentials to again access Media Company-1’s network, which would have provided them another vehicle for further disseminating false claims concerning the election through conspirator-modified or created content. However, because of an earlier FBI victim notification, Media Company-1 had by that time mitigated the conspirators’ unauthorized access and these log-in attempts failed."
Neither of the two gentlemen (both of whom work for Emennet Pasargad, an Iranian government contractor are, of course, in custody, and Washington and Tehran aren't on extraditing terms, and Messrs. Kazemi and Kashian are unlikely to go holiday in the US any time soon (say sunning at Rehoboth, or hitting the links at Mar-a-Lago). But, as US Attorney Williams observed, "As a result of the charges unsealed today, and the concurrent efforts of our U.S. government partners, Kazemi and Kashian will forever look over their shoulders as we strive to bring them to justice.”
The larger enforcement action is an interagency one. Messrs. Kazemi and Kashian and their company, Emennet Pasargad, with four of the company's leaders were also designated for sanction by the US Department of the Treasury's Office of Foreign Assets Control under Executive Order 13848 ("Imposing Certain Sanctions in the Event of Foreign Interference in a United States Election"). And the US State Department is also offering a reward of $10 million under its Rewards for Justice Program in exchange for information about Messrs. Kazemi's and Kashian's activities.
Ghostwriter may be run more from Minsk than Moscow.
Mandiant finds a connection between the Ghostwriter campaign, generally regarded as a Russian operation, to Belarus. Ghostwriter has been generally attributed, especially by the European governments who were targeted by the (relatively crude) disinformation efforts and the impostures used to put them across, to Russian intelligence organs. Mandiant doesn't rule out an additional Russian connection to the threat actor it tracks as UNC1151, but it thinks that Ghostwriter’s targeting, its absence of any obvious criminal payoff, and the messaging of its disinformation argue for Belarus as the hidden hand behind it. It’s possible that this represents a distinction without much of a difference, given the close alignment of Moscow and Minsk, much closer than that between Russia and any other former Soviet republic in the Near Abroad.
Traducianism and uneasiness over those algorithms we keep hearing about...
Axios has a story about a bill that's been introduced into Congress, with bipartisan support, that would seek to limit the ways in which algorithms stand between people and their online experiences. The House version explains its purpose: "To require that internet platforms give their users the option to engage with a platform without being manipulated by algorithms driven by user-specific data." This has been interpreted in many press reports as a mandate to give users an "algorithm-free" experience, which of course would be literal nonsense. The bills aim rather to give users the option of not having their search results, their news feeds, and their social media recommendations unduly shaped by what the platforms infer from the users' earlier activities online.
There's clearly a widespread uneasiness about the Internet's effects on civil society, and on the emotional health and morals of children in particular. "Algorithm" has clearly emerged as the operative scare-word, serving the same function that "smut" or "television violence" would have served in the second half of the Twentieth Century, although, of course, "smut" and "violence" come pre-loaded with negativity. "Algorithm" has come to be infused with it. Those of us who've been watching too much television during the pandemic will have become familiar with law firms' running commercials inviting you to contact them if you've been exposed to and possibly injured by asbestos, weed killers, careless obstetricians, and so on. A new form of ambulance chasing, we noticed, crossed our television screens this week. The recently established Social Media Victims Law Center is offering to help defend your family against "devious algorithms" and the harm they may have inflicted on your children.