[RSAC 2023] Build government connections before cyberattacks happen, US Secret Service urges

By Dain Oh, The Readable
Apr. 25, 2023 2:25AM GMT-7

RSA Conference 2023 ― San Francisco ― Forming a partnership with law enforcement is essential to proactively respond to financially motivated cybercrimes, the United States Secret Service (USSS) expert asserted on Monday.

Matt O’Neill, Deputy Special Agent at the USSS Criminal Investigation Division and Head of the Global Investigative Operations Center (GIOC), stressed the importance of building a relationship with the government in advance while referring to the staggering speed of attacks.

Cybercrimes, which are currently associated with spear phishing and ransomware, have achieved a higher level of sophistication both in quality and pace and have developed highly coordinated networks worldwide, according to the USSS. To address these challenges, the agency has been leveraging partnerships with private companies.

Matt O’Neill, from left, Deputy Special Agent at the USSS Criminal Investigation Division and Head of the Global Investigative Operations Center (GIOC), and Ronald Green, chair of the USSS, are speaking during a panel discussion at the RSA Conference on April 24. Photo by Dain Oh, The Readable

“We cannot just hope that we arrest these guys downstream,” O’Neill elaborated in a panel discussion on modern bank heists at the RSA Conference. “They are too good, and they are too fast, so we leverage our partnerships with the payment industry.”

The investigator cited a case where the Secret Service seized a cybercriminal named Ghaleb Alaumary. Alaumary, who had been money laundering 40 to 50 million dollars a month for business email compromise (BEC) actors and was pursued as one of the top-tier targets by U.S. law enforcement, was arrested in February of 2021 after years of cooperative efforts between public agencies and third parties abroad. Seven months later, Alaumary was sentenced to 140 months in federal prison for conspiring to launder illicit assets, including an enormous online banking theft by North Korean threat actors.

“Almost everything that we are going to talk about is not waiting until the problem happens to build these relationships,” said O’Neill. When a company has developed a relationship with law enforcement, the chances of being notified by the public sector increase, which leads to a successful defense against threats.

“Identify an agent in your area, whether it is secret service and FBI (Federal Bureau of Investigation),” mentioned O’Neill. “If at all possible, get their personal number because these things happen at 11 o’clock at night and 1 o’clock in the morning. You do not have time, whether it is BECs or ransomware. You do not have time to wait until Monday.”

Ronald Green, chair of the USSS, also joined the discussion and emphasized that the public private partnership requires both parties to participate. Although private firms can connect to many public institutions without paying any costs, those firms should not “just sit there like a sponge and absorb everything.”

“They are going to put things out. You should put things in, too. We need to work on this together,” added Green. “It takes a network to defeat a network.”


The cover photo of this article was taken by Dain Oh.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.