Cyber Crimes – Criminal Investigation will continue to develop and expand its Cyber Crimes Unit (CCU) in response to the ongoing threat of internet theft, refund fraud, and virtual financial crimes. The CCU will identify and pursue tax, money laundering, identity theft, and refund crimes in the virtual world.In a conference call on early May, IRS CI Chief Richard Weber announced the ceation of "a cybercrimes unit within CI to really focus on some large-scale cybercrime-related cases, specifically focused on identity theft and the impact on tax administration.” See Michael Cohn, IRS Creates Cybercrime Unit to Battle Identity Theft (Accounting Today 5/11/15), here. The article further reports:
When Weber arrived at IRS CI three years ago, he estimates the agency was spending less than 3 percent of its time on identity theft cases across the country. “We are now working on a national level an average of 18 percent of our time on ID theft,” he said. “In some areas like Tampa and Miami, Florida, where we have field offices, we’re working close to 50 percent of our time just on identity theft. When the problem first started, we were working on a lot of street-level type cases, where someone might be in their basement or sitting on a beach with a laptop and trying to ping our systems, and quite frankly getting in a lot easier than today. That morphed into more of a data breach issue, where we saw over the last year in particular more data breach identity theft type cases, as well as cases that had some type of international component. That was really when we started to realize that we should pull some of our resources and have a focus on the cybercrime, the ‘Darknet’ issue and really look at this problem specifically as it relates to cybercrime ID theft.”
Data breaches are occurring at various types of businesses such as payroll companies, department stores and medical facilities. “We’re looking at probably hundreds of millions of records that have been breached from companies across America,” said Weber.
Personally identifiable information, such as Social Security numbers, account numbers and W-2 information, have been stolen from companies and that information is then used to attack the IRS system, he noted. Hackers are able to use the information they glean from data breaches to get around the various filters that the IRS has set up to detect identity theft.
So far this year there have been at least 270 data breaches, exposing more than 100 million records, according to Weber. “Those records could potentially be used to hit the IRS system or to impact the tax system,” he said.
He noted that this February, there was a large-scale data breach at a health insurer, exposing 80 million customer records, including addresses, Social Security numbers and income data, the exact same data that’s needed to file for a tax refund.
“That is primarily the reason why we want to focus on cyber and the Darknet because of what is happening,” said Weber. “The Darknet, which I describe as the underbelly of the Internet, is really what criminals are using today to commit a host of crimes, not just tax refund fraud, which is why all the law enforcement agencies are trying to work better together on this issue because of what’s out there.”
On the Darknet, the IRS has seen various connections to international organized crime rings, particularly in Russia and other Eastern European countries. “One particular crime syndicate had amassed over 1 billion user names, passwords and email addresses,” said Weber. “When this is happening on the Darknet, it’s really only going to be used for criminal activity. There’s no legitimate use of this information that exists on the Darknet.”
* * * *
IRS CI plans to start the cybercrimes unit with a group of agents in its Washington, D.C., field office that will develop cases and work with other field offices across the country to develop and support cases.
“We’ll have a specialized group in D.C. and then we’ll have points of contact in every field office working with this group in D.C.,” said Weber. “We’re also working with some of the law enforcement agencies. Then we’ll see where this takes us and the types of cases that we’re going to be able to bring.”
The IRS currently doesn’t have the budget to hire any new cybercrime experts, but over the years Weber said IRS CI has hired a number of special agents with cyber-technology investigative skills. It is also working with other agencies such as the Secret Service, the FBI, the Justice Department and the Department of Homeland Security that have expertise in these types of investigations. While IRS CI focuses on cases involving tax administration, identity theft and money laundering, other agencies can focus more on the data breach itself.