Laufman’s division office is in Washington, D.C., but members of his staff oversee the National Security Cyber Specialists Network, which consists of prosecutors from each of the 95 U.S. Attorney’s Offices who focus on cyber threats to national security.
The DOJ press release says “counterespionage” but a DuckDuckGo search for this term won’t produce nearly as many interesting returns as putting in “advanced persistent threat”, the phrase the infosec industry usually renders as the acronym APT. What that means varies depending on which hopeful salesman is offering you a solution, but this minimal definition is something none of them would quarrel over:
“a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity.”
Some leading sources on Twitter if you want to know more include @FireEye, who just announced of a U.S. Financial crimes APT called FIN4, Russian malware experts @kapersky, and Netherlands based @RedSocksMTD, who offer a malware detection appliance.
If you search CryptoCoinsNews for the keyword ‘espionage‘ there are just two articles, one on Western Union trying to discredit the cryptocurrency concept and the other on Regin, an actual APT recently uncovered. This limited response is the result of a terminology mismatch, because CryptoCoinsNews covers all sorts of issues that are relevant for the newly expanded Counter Espionage Section.
The first thing that comes to mind for increased attention are coin tumblers, which are considered a violation of 18 U.S. Code § 1956 – Laundering of monetary instruments, but only if the coins in question are the proceeds of an illegal activity. Concerns of Bitcoin’s use in terror financing are often heard, and use of cryptocoins can carry a stigma similar to the one Tor and VPN users face; the presumption of some nefarious purpose. This increase in law enforcement attention will only speed the adoption of DarkCoin by dark net market vendors and customers.
Once the politically connected banks weigh in, the wire fraud and securities fraud charges will start to flow for the current crop of brazen scammers who are running Ponzi schemes, renting out miners that don’t exist, and otherwise fleecing the market. Financial entities get regulated, they have to pass periodic audits, they have to maintain insurance. We’ll start with the regulations we have now, but as cryptocoins are neither a currency nor a commodity there will be a mismatch between regulation and reality. Look for threatened businesses such as Western Union to push hard for constraints.
None of these are specifically ‘espionage’, but as cryptocoins are legitimized by financial markets, and more law enforcement attention occurs, the gray portion of the market will fight back with new types of coins and new services. That progression will benefit both spies and their masters, who have always struggled with how to transmit and store funds without drawing attention to themselves.
The darknet market folks want to quietly pass small packages, a hundred would-be competitors are taking aim at Western Union’s 1960s vintage wire transfer rates, and every week sees some new mining pool arbitrage scheme branded and promoted. The Counter Espionage Section has to go right into the midst of all this and pick out those who are trafficking illicit information, which means hunting for a small and intentionally obscured signal in the midst of flamboyant entrepreneurs and flashy confidence artists.
Investigating and prosecuting in such a complex environment is a tough, unenviable task under the best of circumstances, and the conflict between old guard financial services and innovator means this will be a political as well as operational concern for the DOJ. Today’s enforcement problem may well be funding tomorrow’s political master.
What do you think of the expansion of the Counter Espionage Section of the National Security Division? Comment below!
Images from Wikimedia Commons and Shutterstock.
Last modified (UTC): October 6, 2016 14:51