By James Tibbets, Pendletonian Times
WASHINGTON – In a joint statement from the United States Intelligence Community dated September 18, 2024, officials accused “malicious cyber actors” of attempting to interfere in the 2024 Presidential Election.
“Iranian malicious cyber actors in late June and early July sent unsolicited emails to individuals then associated with President Biden’s campaign that contained an excerpt taken from stolen, non-public material from former President Trump’s campaign as text in the emails. There is currently no information indicating those recipients replied. Furthermore, Iranian malicious cyber actors have continued their efforts since June to send stolen, non-public material associated with former President Trump’s campaign to U.S. media organizations,” according to the statement which was signed by the Office of the Director of National Intelligence, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency.
As reported by Pendletonian Times on September 30, three Iranian nationals have been indicted for conspiring to overthrow the 2024 U.S. election. Masoud Jalili, 36, Seyyed Ali Aghamiri, 34, and Yaser Balaghi, 37, are members of Iran’s paramilitary force, the Islamic Revolutionary Guard Corps. The IRGC is defined as a terrorist organization by the U.S. Intelligence Community.
According to the indictment, beginning on or around January 2020 and continuing through at least September 2024, Iranian actors employed by the IGRC prepared for and engaged in a wide-ranging hacking campaign that included spearphishing and social-engineering techniques. Around May, 2024, the defendants gained unauthorized access to personal accounts belonging to members of “U.S. Presidential Campaign 1,” which is now known to be the campaign of former President Donald J. Trump.
According to the indictment, Jalili is an experienced computer hacker, having conducted hacking operations since at least 2012 and calls himself a “Master of Information Technology.” Jalili has worked with the Basij Resistance Force in the past. Basij is a paramilitary militia comprised of volunteers.
The indictment claims that Jalili also had a business relationship with Respina Networks. Respina Networks is a Tehran based telecommunications and internet service provider which the indictment claims provided Jalili with high bandwidth, high speed internet access that could reach to the world outside Iran.
The indictment says that Aghamiri is a graduate of Islamic Azad University and a skilled computer hacker who has also worked with Basij in the past.
The indictment lists Balaghi as a skilled computer hacker who also has previously been associated with Basij. Balaghi holds a bachelor’s degree in computer software from Islamic Azad University and was the “Head of Security and Hacking (legal and ethical)” for an unknown client. His public resume claims the following as accomplishments:
- Design of “Phishing Attack Systems”
- “Brute Force Software”
- “File Binder Software” (written in Python)
In addition to this, Balaghi claims to have “accomplished tens of hacking projects” that were “ordered by a cyber-organization.” Balaghi also claims that he’s experienced in “designing and executing a lot of software projects and also hack tools and miscellaneous projects.”
Officials targeted by the hacks include former and current officials of the:
- U.S. Department of Justice
- U.S. Department of Defense
- U.S. State Department
- U.S. Agency for International Development
- National Security Agency
- Central Intelligence Agency
- White House
- National Security Council
- U.S. Senate
- U.S. House of Representatives
Other targets include former officials to the U.N., Afghanistan and an unnamed foreign government’s intelligence service, three members of the media including a national security correspondent, a columnist and their assistant. An additional five employees of a nongovernmental organization were also targeted.
The FBI and CISA encourage campaigns and election infrastructure stakeholders to report information concerning suspicious or criminal activity to their local Election Crimes Coordinators via FBI field office (fbi.gov/fieldoffices), by calling 1-800-CALL-FBI (1-800-225-5324), or online at ic3.gov. Cyber incidents impacting election infrastructure can also be reported to CISA by calling 1-844-SAY-CISA (1-844-729-2472), emailing report@cisa.dhs.gov, or reporting online at cisa.gov/report. Election infrastructure stakeholders and the public can find additional resources about how to protect against cyber and physical threats at CISA’s #PROTECT2024 (cisa.gov/topics/election-security/protect2024).
Persons accused of crimes are considered innocent until proven guilty in a court of law.