WASHINGTON, D.C. On Thursday, April 3, 2003, agents from the United StatesSecret Service testified before a joint U.S. House of Representative subcommitteehearing on the agencys efforts to protect Americas financial and critical infrastructure.
The House Financial Service Committees Financial Institutions and Consumer CreditSubcommittee and the Oversight and Investigations Subcommittee hosted the joint
hearing titled Fighting Fraud: Improving Information Security.
Well known for protecting the nations leaders, the United States Secret Service is alsoresponsible for protecting Americas financial infrastructure. The Secret Service has
statutory jurisdiction to investigate a wide range of technology-based crimes, includingcredit and debit card fraud, identity theft, false identification fraud, counterfeit currency
and checks, financial institution fraud and telecommunications fraud.
There is no shortage of information, testimony or anecdotal evidence regarding thenature and variety of cyber-based threats to our banking and financial sectors and the
need to create effective solutions, Special Agent in Charge of the Secret ServiceFinancial Crimes Division Tim Caddigan told members of the subcommittees. There is,
however, a scarcity of information regarding successful models to combat such crime intodays high tech environment.
One successful model, as detailed to the committee, is the Secret Services ElectronicCrimes Task Forces. Based on a model developed in 1995 in New York City, and
authorized nationwide with the passage of the USA PATRIOT Act of 2001, the task forceapproach developed by the Secret Service has generated unprecedented partnerships
among federal, state and local law enforcement, the private sector, and academia. Thesepartnerships have experienced remarkable success in detecting and suppressing
computer-based crime.
"Our task force model stresses prevention through partnership, Caddigan said. Wefocus on the mitigation of damage, and the quick repair of any damage or disruption to
get the system operational as soon as possible after an incursion occurs.
The task forces have identified tools and methodologies that can be employed by itspartners in the business, academic and law enforcement communities to eliminate
potential threats to their information systems. The nine regional task forces located inNew York, Los Angeles, San Francisco, Chicago, Boston, Charlotte, Miami, Las Vegas
and Washington, D.C. are 21st century law enforcement models that modernize criminaljustice and incorporate partnerships and information sharing within their core
competencies.
In addition to the Electronic Crimes Task Forces, members of the subcommittees werebriefed on several components of the Secret Services investigative response to cyber
crime, including:
Electronic Crimes Special Agent Program (ECSAP) -- This program is comprised ofapproximately 175 special agents who have received extensive training in the forensic
identification, preservation, and retrieval of electronically stored evidence. ECSAPagents are computer investigative specialists, qualified to conduct examinations on all
types of electronic evidence, including computers, personal data assistants,telecommunications devices, electronic organizers, scanners and other electronic
paraphernalia.
Best Practices Guide to Searching and Seizing Electronic Evidence -- Joining forceswith the International Association of Chiefs of Police and the National Institute for
Justice, the Secret Service created this guide designed for the first responder, line officerand detective alike. More than 300,000 copies of the guide have been distributed, freeof-
charge, to local, state and federal law enforcement.
Forward Edge -- The next step in training officers to conduct electronic crimeinvestigations, Forward Edge is a CD-ROM that incorporates virtual reality features as it
presents three different investigative scenarios to the trainee. It also providesinvestigative options and technical support to develop the case. Copies of state computer
crime laws for each of the fifty states as well as corresponding sample affidavits are also part of the training program and are immediately accessible for instant implementation.
More than 20,000 copies have been distributed.
Critical Systems Protection Initiative (CSPI) -- A collaborative effort between the SecretService and Carnegie-Mellon University, the CSPI is working to establish standards,
guidelines and methodologies to incorporate a cyber security component to our vitalmission of protecting our highest elected leaders and events of national significance.
This initiative is truly groundbreaking in that it considers both the physical vulnerabilitiesof a venue for security requirements as well as a fourth dimension -- the supporting
information technology infrastructure.
Source: U.S. Secret Service