As America remains vulnerable and life at home is the new reality during the Covid-19 pandemic, cybercriminal activity is on the rise from both the usual suspects and new players. In a rare interview with the U.S. Secret Service, Jonah Force Hill, U.S. Cyber Policy Advisor, shares how criminals – old and new – have seen the Covid-19 pandemic as an opportunity to commit financial crimes against Americans.
Hill explained the role of the U.S. Secret Service extends beyond protecting the President to investigating crimes against the U.S. financial system, including computer system hacks and digital currency crimes. With the development of a new U.S. digital dollar in a tokenized form as a current discussion on Capitol Hill, the Secret Service’s role may harken back to its original reason for being created – fighting counterfeit money.
The Secret Service division was originally founded on July 5, 1865 and was placed in the Department of the Treasury based on its mission. After the assassination of President McKinley in 1901, the third sitting President to be assassinated, the Secret Service then took on its role of protecting the Commander-In-Chief that Americans are most familiar with.
In this year’s President’s Budget, the White House mentioned the idea of relocating the Secret Service back within the Department of the Treasury. After 9/11, the Secret Service was moved to the Department of Homeland Security, where the agency now resides.
According to Hill, the Secret Service is making the effort to provide a more public-facing role in a break from its low-profile culture and clandestine nature. Michael D’Ambrosio Assistant Director, Office of Investigations for the Secret Service, testified before the U.S. Senate Judiciary Committee on June 9th that “…the fraud associated with the current COVID-19 pandemic presents a scale and scope of risks we have not seen before”.
I interviewed Hill about the role of the Secret Service and its perspective on how cryptocurrency is related to cybercrime. The three most interesting things I learned during the interview according to Hill were: 1. That cryptocurrency is only an ‘element’ of a crime, not its own separate ‘category’, and it is not relevant to the prosecution whether cryptocurrency is involved or not 2. That the criminal organizations work together and comprise the ‘Usual Suspects’ who avail themselves of any and every tool available to commit financial crimes, 3. That, when asked how the statistics from a 2019 report by Chainalysis, a blockchain analysis firm, estimated 1.1% of criminal activity involves cryptocurrency, and an FBI statistic recently presented before Congress indicates 3 of 4 money laundering cases involve cryptocurrency, Hill reminded me how difficult these statistics are to calculate and that the actual number is likely somewhere in between 1.1% and 75%. The FBI was contacted to ask to verify the 3 out of 4 statistic given to Congress; however, no response to the inquiry was provided.
Following are questions I asked to which Hill kindly responded.
Jason Brett: What is the mission of the U.S. Secret Service?
Jonah Force Hill: The U.S. Secret Service, in addition to our more well-known protective mission, is responsible for the investigation of crimes against the U.S. financial system. This includes the investigation of modern computer crimes (such as unauthorized access to a computer system and crimes associated with digital currencies), traditional financial crimes (such as wire fraud and money laundering), and counterfeiting of U.S. currency and other financial instruments (such as U.S. Treasury bills).
Brett: What role does the U.S. Secret Service play when it comes to cryptocurrency and other emerging technologies?
Hill: The Secret Service investigates crimes with a cryptocurrency nexus when they 1) undermine the integrity of financial and payment systems, 2) are used in cases of fraud, and 3) are used as a means of money laundering. The Secret Service has a unique record of success in countering criminal uses of digital currencies. We have investigated and shutdown two major centralized digital currencies that supported extensive criminal activity: e-Gold Ltd. (in 2007) and Liberty Reserve (in 2013). Since then, the Secret Service has worked with our partners to investigate and shutdown a number of illicit digital currency exchangers, including Western Express, which was prosecuted by the Manhattan District Attorney’s Office.
Brett: Why does the Secret Service have under its purview the issue of counterfeit money or protecting America’s financial system?
Hill: As one of the Nation’s original investigative agencies charged with safeguarding the nation’s financial and payment systems, the Secret Service has conducted criminal investigations to protect the American public, companies, financial institutions, and critical infrastructure from criminal exploitation since 1865. As early as 1982, the Secretary of the Treasury directed the U.S. Secret Service to investigate crimes related to electronic funds transfers in order to keep pace with the growing role of computers in the U.S. financial system. Two years later, in 1984, Congress passed legislation to expand the Secret Service’s responsibilities to include investigating a range of computer hacking and access device fraud violations. Today, we have extensive authorities to safeguard financial and payment systems from criminal exploitation, even as those illicit activities are increasingly transnational in nature and enabled by cyberspace and digital currencies.
Brett: With the growth of cybercriminals during Covid-19, is there any idea as to the source of this activity (from a select few or a broad group of individuals)?
Hill: The ongoing spate of Covid-19-related crime is being perpetrated by both established criminal organizations and networks, as well as new criminal opportunists. It is in many ways a culmination of years of mounting risk within the financial sector, driven in large part by the growth of transnational cyber-crime. COVID-19-related frauds are made possible by the persistent effort of cybercriminals to breach computer systems to steal personal information, which can subsequently be used to fraudulently apply for loans and benefits payments. Recent data breaches have allowed criminals to buy and sell this information, such as social security numbers and account passwords, which can later be used in an extensive range of frauds. What we are seeing now with this pandemic is an acceleration of this trend, which is coinciding with a vulnerable moment for our nation and our economy.
Brett: Regarding cybercrime and coronavirus related fraud, do you see this as a specific ‘cryptocurrency’ issue, or is it from the same criminal ecosystem?
Hill: The Covid-19 fraud spree is not a specific cryptocurrency issue; crypto is simply a component of the overall fraud. It is regularly used by criminals to make and receive illicit payments for criminal goods and services, launder illicit proceeds, and demand ransom payments for ransomware attacks, among other things.
Brett: Do the cybercriminals communicate with each other in a way to find ‘best practices’ so to speak? Is there a preferred technology such as virtual currencies? Or is it whatever technology is available (AI, machine learning, cryptocurrency, etc.)?
Hill: Absolutely. Cybercriminals are constantly sharing best practices, intelligence, and TTPs (tactics, techniques, and procedures) for criminal schemes. They work collaboratively, offering their specialized skills, knowledge, and tools to the broader criminal community. There is no “preferred technology.” Criminals will use whatever helps them advance their goal, whether or not the technology is old and basic or new and highly-sophisticated.
Brett: What do you mean when you say, ‘Crime-As-A-Service’?
Hill: Cybercriminals offer specialized information, products, and services for a fee. This can include things like computer system vulnerabilities and exploits (i.e., ways to ‘hack’ into a computer network), account credentials (such as user names and passwords), identity information (such as social security numbers), and hosting services (disk space to store criminal information, or to launch criminal campaigns). This crime-as-a-service model allows criminal groups to come together for a particular scheme, only to disassemble once the scheme is completed. Think of a “crew” in an old-school bank heist: you build a team for the job, e.g., hire a guy who knows the bank layout, another guy who can break a safe, a guy who knows how to dismantle an alarm system, a getaway driver, a lookout, etc. It’s the same thing here, but in the digital world.
Brett: Is the culture of the Secret Service changing with your role in terms of providing public awareness and public communications? What goals does the Secret Service hope to achieve by taking a more public stance on the way it helps capture major cybercriminals?
Hill: I believe the Secret Service is improving its public awareness and communications processes, especially during Covid-19. Our investigators have been participating in media interviews and live and prerecorded public service announcements on social media, all aimed at preventing Covid-19 related fraud. We are regularly briefing Congress and issuing best practices to the public. The goal is to help the public protect itself and to allow for early notification to law enforcement of potential criminal schemes.
Brett: Is the Secret Service meant to be the sole investigative agency or is there a synergy between law enforcement bodies to help investigate crypto?
Hill: U.S. law enforcement contains overlapping jurisdictions by design. This is true at the federal, state, and local levels. The Secret Service is just one of many law enforcement agencies with the authority to investigate crypto crimes (at the federal level, the FBI, IRS, and HSI also investigate crypto crimes, just to name a few). This allows for collaboration, sharing of information, and even friendly competition between law enforcement agencies. U.S. law enforcement was designed for this sort of a federalized model. The Secret Service just happens to be the oldest – and in my humble opinion, the most effective – federal law enforcement agency responsible for investigating financial crimes specifically.
Brett: When at a recent hearing a statistic was shared describing how the FBI sees three out of out cases of money laundering involving crypto, while the report attached notes for 2019 that 1.1% of cryptocurrency transactions involved criminal activity. I will be reaching out to the FBI on this, if you happen to have a contact, because I am having trouble identifying where the FBI statistic of 3 out of 4 comes from as well. Is there any way to show statistically what the actual numbers are for crypto-related crimes?
Hill: As we discussed [previously], this is a challenging question and a difficult statistic to quantify. This is because “crypto-related crime” isn’t really a category of crime. Rather, crypto is an element of crime. It be used as a criminal tool (e.g., for money laundering) or can itself be a target for crime (e.g., for theft). As such, the crimes that are prosecuted in crypto cases are generally categorized as “money laundering” or “larceny,” etc., not “crypto crime.” How the crime was committed, via crypto or not, or what form of money was stolen, is often irrelevant to the prosecution and therefore not quantified for statistical purposes. There may be benefits to changing the way these crimes are categorized from an efficiency standpoint, but more study is needed on the benefits and drawbacks of doing so.