- By William Jackson
- Jan 22, 2003
Secret Service goes where the crime is'into cyberspace
Agents on the Secret Service's Electronic Crimes Task Force include, from left, Demetrius Craig, Wayne Peterson, Jon Stone and Joe Casey.
The Secret Service, formed in 1865 to combat counterfeiting, has become the lead agency in investigating electronic crime.
It was a natural evolution, said Michael Stenger, special agent in charge of the Washington field office, because 'the majority of counterfeit money in the United States today is produced on computers.'
Not only has counterfeiting become high-tech, but credit card fraud, check forgery and even threats against the president have all 'gravitated to electronic media,' Stenger said. 'We had to develop the expertise to handle the investigations we are doing now.'
Wayne Peterson, a member of the Washington office's Electronic Crimes Task Force, said, 'Just about every search warrant we execute now involves a computer.'
Even if a crime is not electronic in nature, computers frequently produce evidence for the investigation. About 100 agents across the country have been trained in computer forensics by the Secret Service's Electronic Crimes Special Agent Program.
The 2001 USA Patriot Act called for the Secret Service to establish a network of task forces, and Washington's is one of nine so far. The first came into being in the 1990s in New York because of online banking crimes.
Bankers 'started calling their friends at the Secret Service,' said Chris McFarland, assistant to the special agent in charge of the Washington office.
New York's model helped in setting up the Washington field office. Today its e-crimes task force includes law enforcement agencies from Baltimore to Richmond, Va., as well as organizations such as AOL Time Warner Inc. and Nextel Communications Inc.
The Washington office has 12 agents dedicated to the task force, five of them trained in forensics. Other task forces, all sharing information and resources, are near Boston, Charlotte, N.C., Chicago, Las Vegas, Los Angeles, Miami and San Francisco.
Cooperation among the task forces is a product of the Secret Service's small size. 'Historically we have had good relations with other agencies,' Stenger said.
Corporate cooperation with the task force usually is informal, but law enforcement agencies commonly sign a memorandum of understanding, McFarland said. Local departments might have an officer sworn in as a special federal deputy to ease investigations across jurisdictions. About 20 special deputies from local enforcement agencies work with the Washington task force.
The task forces can shift personnel or accept evidence for investigation as needed. 'We've learned to be flexible and travel light,' McFarland said.
The Washington office has two labs equipped with 10 custom forensic workstations with multiple hard drive bays from Skytek Inc. of Alexandria, Va., as well as two Apple Computer Inc. systems. Hard drives brought in as evidence must be mirrored before examination.
'If you touch a file [on a drive], you can change the date or time stamp, raising questions in court,' Peterson said.
He left the Secret Service several years ago for the private sector but later returned. During the high-tech boom the money was good, 'and I took the bait,' he said. 'But I always missed the service. I had mixed feelings.' After the attacks on Sept. 11, 2001, he decided to come back.Security survey says ...
Despite the growing volume of electronic crime, Peterson said, the workload is not too heavy. 'It comes, and it goes,' he said. He has developed a survey to help companies evaluate their network security'part of the outreach that is the task force's top priority.
'Prosecution is third on the list for us' behind education and prevention, McFarland said.
For several years, representatives from the service and other agencies, including the FBI and National Security Agency, have been making the rounds of conferences and trade shows, asking for private-sector cooperation. To combat e-crime, they say, companies must be willing to report incidents and share information with each other and with law enforcement.
So far, results have been mixed.
In a recent Salt Lake City talk, McFarland asked his audience how many had been victims of hacking. Almost everyone raised a hand. Asked how many had reported the incidents, almost no one raised a hand.
'It's a matter of relationships,' McFarland said. Where relationships exist, cooperation is much better, he said. 'The thing that worries me most now is the wireless networking that people are putting into their homes,' because compromised home computers can become launching pads for attacks.
'The difference between physical and IT security is becoming less and less,' he said.
William Jackson is freelance writer and the author of the CyberEye blog.