The U.S. Secret Service is pulling in outside expertise from the private sector and U.S. Cyber Command as it weighs changes to its investigative methods in an attempt to keep pace with international hackers.
The engagement with Cyber Command, the Pentagon’s offensive cyber unit, is focused on learning from the military’s experience with transnational cybercriminals, a Secret Service official told CyberScoop. The Secret Service’s efforts to consult with private sector experts, meanwhile, is focused on specifically overhauling the agency’s investigative practices.
The effort to consult with outside expertise comes as part of a recognition that the Secret Service is interested in bolstering its arsenal of tools with the latest techniques needed to root out financially motivated hackers. To formalize its interest in tapping into the private sector’s understanding of scammers’ latest tactics, the agency earlier this year established an advisory group composed of cybersecurity practitioners from the private sector, academia, and U.S. government, as CyberScoop first reported.
Known as the Cyber Investigations Advisory Board (CIAB), the group met last week for the first time and is expected to provide insights on how the Secret Service must adapt to a rapidly changing criminal underground. The agency is best known for protecting public officials, but it has a long history of fighting financial crime, too.
CIAB’s goal, officials said, is to update the Secret Service’s approach to tracking payment systems fraud, as well as credit card fraud, ransomware, money laundering and cryptocurrency-related crimes. The board also aims to help modernize training, investigative priorities and partnerships with other government agencies for years to come.
The Secret Service at Cyber Command
Meanwhile, Secret Service also has been staffing up at Cyber Command facilities to gather information from the military’s work about foreign hackers, said Jeremy Sheridan, a deputy assistant director at the agency.
“We are engaging with Cyber Command,” he told CyberScoop. “We are staffing personnel in their areas of operations and within their facilities in order to learn from them, partner with them, grow with them, leverage our expertise and offer assistance where we can on that front.”
Details of the Secret Service’s work with Cyber Command were not immediately clear, and Sheridan declined to say where personnel were stationed, only adding that the Secret Service assigns special agents to multiple agencies, departments, and task forces around the government to boost the agency’s ability to detect and arrest financially-minded criminals.
“The intent of these external assignments is to augment the Secret Service’s capabilities to be able to better accomplish their dual mission responsibilities, which is the same methodology of and motivation for the CIAB,” Sheridan said.
When asked about the Secret Service engagement, Cyber Command referred CyberScoop to a recent joint effort with the FBI and departments of Treasury and Homeland Security to expose North Korean government-linked hackers stealing cash from ATMs. Cyber Command also pointed to its recent efforts with the Department of Justice to recuperate millions of dollars’ worth of cryptocurrency North Korean hackers allegedly stole in 2019.
Network defense and nation-state intel
A U.S. government official familiar with the matter told CyberScoop the engagement is rooted in the fact that Cyber Command, in addition to its offensive work to disrupt adversarial hackers abroad, has a network defense mission. As a result, Cyber Command and Secret Service are well-positioned to share information related to financially motivated transnational cybercrime, the U.S. government official said.
Criminal hackers who run financially motivated schemes sometimes split their time doing the bidding of nation-state hackers, which Cyber Command is tasked with disrupting.
The updates coincide with a broader effort at the Secret Service to update its approach to stopping financial cybercrime rings. In addition to establishing the CIAB and learning from Cyber Command, the agency recently merged its Electronic Crimes Task Forces and Financial Crimes Task Forces into one team in an effort to streamline anti-fraud efforts.
The CIAB was originally slated to debut in the spring to discuss Secret Service priorities, though the meeting was delayed as a result of the pandemic. Since then, members have shifted their focus to fraudsters targeting COVID-19 pandemic-related relief programs, Sheridan said.
“The amount of money that has been infused into the financial system for necessary reasons in order to help support the economy and to help support the American public has come at such a high volume and has come at such a quick pace that it has been an opportunity ripe for fraud,” Sheridan said, referring to the Payment Protection Program established by the CARES Act, as well as expansions of unemployment insurance.