The U.S. Secret Service has announced the creation of the Cyber Fraud Task Force (CFTF) “designed to improve the coordination, sharing of expertise and resources, and dissemination of best practices for all its core investigations of financially-motivated cybercrime. The CFTFs will leverage the combined resources and expertise of both the ECTFs and FCTFs to collaboratively investigative the range of cyber-enabled financial crimes, from business email compromise (BECs) scams to ransomware attacks, from data breaches to the sale of stolen credit cards and personal information on the Internet.”
This is a meaningful improvement to the U.S. government’s approach to combating cyber crime.
An overwhelming majority of threat actors are financially motivated. These criminals manipulate software, end users, and a wide variety of financial services and technologies with increasing sophistication to achieve their objectives.
The wide variety of technical and financial systems in play can be viewed as complicating factors in investigations, and they are. But every system that a criminal uses presents an opportunity to identify, track, and ultimately disrupt their operations.
Our success requires that investigators have a holistic understanding of modern criminal operations, from how they target and interact with victims to how they get paid, so that any mistake along the way can be used to the advantage of law enforcement.
By combining the Financial and Electronic Crimes Task Forces, our expertise across domains can be leveraged more effectively, putting the Secret Service and its partners in a vastly improved position to understand, disrupt, and prosecute modern frauds.
With the continuing need for users to work, shop, and try to enjoy a bit of recreation online, the bad actors of the world will only increase their efforts to steal valuable information from both individuals and corporations. The creation of the Cyber Fraud Task Force is an encouraging move on the part of the U.S. Secret Service. The Task Force will hopefully take some of the cyber crime investigation burden off of the shoulders of local and state police departments who are simply not equipped to deal with cyber crime. This is especially true now, due to the movements across the nation demanding the defunding of police departments and other law enforcement agencies.
If I made a venn diagram of financial crimes and cyber crimes, the shared section in the middle would have grown significantly over the last few years. There is certainly no shortage of financial cybercrimes for the CFTF to investigate, and I think combining the ECTF and FCTF makes sense. The FBI, FTC, and local police departments handle much of the domestic financial cybercrime in the US. I suspect they will continue to get assistance from the Secret Service, but I think the CFTF stands to make the biggest impact in thwarting crimes perpetrated by foreign actors. Many scams, malware, and cyberattacks are launched from outside of the USA at targets within the US. Given the Secret Service\’s plan to expand the CFTF internationally, I think it will have the resources to reach criminals in other countries to a greater extent than those domestic enforcement agencies.
This move makes sense. We do, however, have a lot of duplication of tasks among the various arms of America’s intelligence community. One tends to associate this type of activity with the FBI, which is, of course, part of the Dept. of Justice. With the US Secret Service being part of Homeland Security, perhaps this is part of a re-alignment of responsibilities.
The creation of the Cyber Fraud Task Force is an important entity that should be supported to help prevent and stop malicious attacks against companies and individuals. The COVID-19 pandemic has created an wide variety of opportunities for criminals to take advantage of the situation. Criminals are using increased and modified phishing attempts aimed at stay-at-home workers as well as malicious 3rd party applications that allow access to personal information to financially exploit individuals and organizations working under new conditions. Understanding these types of attacks and the various schemes that are present in your environment will also help to reduce your potential exposures.