The U.S. Secret Service's most visible role is its protection of presidents, major political candidates, heads of state, their families and anyone else with an executive order for protection. Yet its primary mission is to safeguard the U.S. financial and payment systems, and enforce counterfeiting statutes -- which affects the lives of countless Americans.
Counterfeiting and forgery is a sizeable problem in America, and costs billions of dollars in lost value from fake money and products. But it's just one of numerous fraud and computer crimes that the Secret Service must monitor, investigate and pursue. To keep up with the criminal masterminds and meth addicts, and numerous international gangs involved in cyber-crime, the service has increased its use of sophisticated and off-the-shelf computer technology.
According to the Secret Service's technology mission, the agency takes "a proactive approach to monitor the development of technology and continue to use it in the interest of federal, state and local law enforcement." Its Office of Protective Research (OPR) is responsible for the technical side of protecting the White House and other agencies. The Office of Information Resource Management comes under the OPR and includes CIO Wayne Hall, who oversees IT for the entire agency.
Hall's office leads information management, and designates the agency's business plan and its many objectives, including IT decisions that best contribute to Department of Homeland Security (DHS) technology objectives. "These include around-the-clock management of telecommunications and networks, as well as infrastructure design and development," said Anthony Chapa, Secret Service deputy assistant director at the OPR.
Even so, Chapa said the IT department's strength rests on the aptitude of the people running it. "The Secret Service is very dependent on high-quality personnel to accomplish the mission here and overseas."
The office's Human Capital Strategic Plan helps the agency align human capital with a measurable workload, and make the service more efficient and effective, he said. To get the most qualified people onboard, Chapa said, the service uses public/private procurements -- spending about $30 million per year in contracts. "Contracting with the IT community can help us locate the best and brightest to support our technical initiatives," Chapa said.
Since the Secret Service falls under the DHS, its IT strategy and implementation is beneath the DHS's IT umbrella, said Scott Johnson, deputy special agent in charge of the service's Criminal Investigations Division. "We take the lead from established DHS policy pertaining to IT, but set our own strategy within the department's framework."
The Patriot Act, passed in 2001, increased the service's role in investigating financial fraud, especially in connection with computers. As a result, the agency created Electronic Crimes Task Forces that work with local communities, businesses, IT and academia with the common goal of protecting financial information and infrastructure. The information sharing occurring within these task forces -- in the form of face-to-face meetings or through IT -- is central to investigating financial crimes, such as meth users' production of counterfeit funds.
"We work closely with local law enforcement agencies through our 24 Electronic Crimes Task Forces around the country, and have a very good relationship with the banking and financial sector," Johnson said. "These task forces are the main format for meeting and working with these sectors."
Indeed, agencies like the FBI and CIA also follow money-related crimes in concurrent jurisdictions, but lines are clearly drawn to demarcate each agency's domain, Johnson said. "If it's clearly a terrorist case, we hand it right off to the FBI," he said, adding that in overseas offices, the agencies work together on cases and share information when appropriate. The service also cooperates with and receives information from other federal law enforcement agencies.
Given the sensitivity of its criminal investigations, the service only divulges generalities about the technologies it uses to investigate financial crimes. The agency, however, depends heavily on mobile technology. "Unlike other agencies, we rely mainly on mobile computing for agents in the field and are moving away from desktops, with the exception of administrative staff," Johnson said. "This allows us to work anywhere around the country and even the world."
As for where the sensitive data goes after investigations, this depends on the characteristics and progress of each case. "We follow all federal laws and regulations pertaining to obtaining, storing and disposing of information," Johnson said.
The electronic crimes branch specifically administers computer-related and telecommunications investigations. Electronic crimes take many forms, such as credit card fraud and money laundering, and growing public access to technology increases the ways technology can be used to commit financial crimes. The service uses a four-year training program to acquaint special agents with electronic crimes. "These agents receive additional training to enable them to gather evidence from computers, and restore deleted images and documents from hard drives," Johnson said.
According to the Financial Crimes Division's Web site, losses associated with credit card fraud are in the billions of dollars annually. Other crimes under Secret Service jurisdiction include fraudulent use of access numbers including debit and ATM cards, computer passwords, PINs, and the computer chips in cellular phones that assign billing, according to the Web site.
The Secret Service has collaborated with the Carnegie Mellon Software Engineering Institute to analyze insider threats to computer systems in critical infrastructure sectors. Resulting studies found that the majority of insider attacks were committed by former employees seeking revenge who were granted system administrator or privileged access when hired.
The service has also partnered with other government agencies, private firms and Utica College to share information through the Center for Identity Management and Information Protection. The center will provide a more coordinated approach to aligning research and resources to combat identity theft. Specifically the center is focused on the study of emerging criminal groups engaged in ID theft.
Decrypting with DNA
To combat the growing challenge of encrypted evidence in cyber-crimes, the Secret Service launched a program using a grid of networked computers to crack encryption codes. The Distributed Network Attack (DNA) program links 4,000 of the Secret Service's employee PCs to leverage the processing power for finding keys to passwords that will unlock criminals' encrypted files, according to an article published in The Washington Post in 2005.
But the Secret Service must employ detective skills in figuring out the encrypter's Achilles' heel, which means choosing a password based on the person's life or interests -- not at random. Then, using software developed by AccessData Corp., the grid of Secret Service computers runs through and tests lists of words, some of which are pulled from the suspect's e-mails and file folders. One of those words eventually turns out to be the password to the files.
The Secret Service has used DNA to infiltrate an Internet crime ring used to buy and sell stolen credit cards, and is adapting the program to monitor and analyze emergent data secrecy threats, such as embedded messages inside of ordinary messages, music files or images. The goal is to use DNA across the service's entire network of computers and within DHS applications.
DNA was developed with funding from the Technical Support Working Group, a federal office that coordinates research on technologies to combat terrorism.
Inspector General Uncovers Vulnerabilities
Just as technology shows great promise in helping the Secret Service keep up with the growing complexity of financial fraud, counterfeiting and cyber-crime, the agency's IT operations have stumbled at times. Two reports released in 2005 by the DHS's Office of the Inspector General documented inadequate or ineffective database security measures that could increase the risk of unauthorized individuals gaining access to critical information.
In one report, the Secret Service IT department was criticized for vulnerabilities found with regard to database "access controls, configuration management procedures and continuity of operations safeguards."
A second report examined the service's security controls for sensitive but unclassified networks and judged them to be ineffective.
The Secret Service agreed with many of the findings, and has since taken steps to address most of the vulnerabilities identified by the Inspector General's audit.
Trying to Stay Ahead
As the agency works to seal off its databases from any vulnerabilities, much of its work is aimed at the advancing technology, such as photographic and printing equipment, used to make counterfeit currency in the United States. Where counterfeiting is concerned, the service keeps apace with reprographic/lithographic technologies and works with the Federal Reserve System and Bureau of Engraving and Printing.
"The Secret Service always tries to stay ahead of new technology," Johnson said. "Counterfeiting used to be done with printing presses, but in the last 10 years, we have seen a dramatic increase in digital notes coming from hard drives."
Computers and related storage and communication devices are everywhere in the private sector. Consequently law enforcement agencies try to stay informed about new technology to stay abreast of investigations. There is no doubt that the global economy's relationship with technology in the electronic age makes IT an ongoing focus of investigations and training within the Secret Service.
You may use or reference this story with attribution and a link to