Law Enforcement Aims to Prevent Cyber-Attacks: Secret Service Agent

A special agent reminds us that when it comes to cyber-crime it's all about the money.

data breach

SAN FRANCISCO—What role does law enforcement play in helping prevent and stop cyber-crime? That question was tackled during a press event hosted by Verizon at the RSA Conference Feb. 25.

Cyber-criminals more often than not only have a single goal—money, said Ed Lowery, special agent in the criminal investigations unit of the U.S. Secret Service. "At the Secret Service, we are financial investigators, and we do cyber-investigations," he said.

Modern criminals are stealthy and use advanced techniques, Lowery said. He pointed to the recent spate of breaches at retailers, including Target and Neiman Marcus, and added that retail breaches really aren't a new phenomenon.

"We're not in a unique time period, and the Secret Service has been looking at retail cyber-crime for quite some time," Lowery said.
Lowery highlighted the Secret Service investigation into retailer TJX, which was breached in 2007. Many companies were affected by the same group that attacked TJX, he said.

The Secret Service was also involved in the investigation of the Heartland Payment Systems breach in 2009.

"What we have seen is a change in the sophistication of attackers and the attack vectors," Lowery said. "These are professional criminals; they study their victims, and they are looking for vulnerabilities they can exploit."

The process of enumerating a potential victim doesn't necessary happen all that quickly, according to Lowery. Criminals are now able to monetize almost any information that they are able to steal from a company, he added.

The outlook from the defensive perspective isn't all that great, either.

The defensive side of the modern security landscape has shown no real signs of improvement, said Eddie Schwartz, vice president of global solutions at Verizon. "Security models continue to be broken, so attackers don't need to innovate much farther than where they are at today," Schwartz said.

Over the course of time, attack vectors have changed, Lowery said. In the case of TJX, attackers breached the system and obtained stored data. Since that time, regulations have changed to prevent the amount of data that is stored, so now attackers go after data that is in transit, Lowery said.

"Most of these criminals rely on being surreptitious," Lowery said. "They realize that if they just dump information online someone will call them on it."

While there are technologies and processes that can help limit the potential risks of being breached, it is the role the Secret Service to be an offensive arm of law enforcement.

"Our operations result in a deterrence factor," Lowery said.

Lowery stressed that that Secret Service is not just about reacting after a crime has been committed.

"If we can prevent a crime, we will," Lowery said. "Prevention is by far our preferred method."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.