“Criminals like technology. They like using it to stay ahead of us. And so we have to do everything we can to make sure that we are keeping up with the latest technology that they have,” David Denton, the deputy assistant director of Immigration and Customs Enforcement’s Homeland Security Investigations (HSI) – Cyber Division, said Wednesday at AFCEA’s Law Enforcement and Public Safety Technology Forum in Washington.
In order to stay a step ahead of the criminals, Denton said his agency has been modernizing its systems to harness the power of big data.
“We are obtaining more and more information that we have to figure out how to connect the dots for our investigations,” he said.
While it doesn’t enjoy the same public profile as the FBI, Homeland Security Investigations is the second-largest investigative component in the federal government. The agency investigates border crimes, including the trafficking of drugs, weapons and people.
But much of the crime that used to happen face-to-face or in the physical world is now taking place in cyberspace.
For example, HSI’s cyber division investigates child exploitation cases and is using automation tools and facial recognition technology on photo evidence to make more arrests.
“A lot of the time, we used to just gather enough evidence, look at the pictures, find out, ‘OK, we have enough evidence to charge this guy,’ and then all the rest of it. However much data this guy had, it would just be put into an evidence locker and it would disappear. Well, there were living, breathing child victims contained in that data, and we weren’t actually finding out who they were, or even look at them,” Denton said.
In using these automation tools to go through a huge backlog of child exploitation images, HSI has been able to link pictures taken with the same camera, or identify the same victims in multiple photos.
Katherine Brennan, the deputy chief of the Army’s law enforcement division and a leading expert on emergency communications, said aging IT infrastructure became apparent during an analysis of the Army’s dispatching and response standards.
“We noticed that in not all cases, we are meeting that standard. So when we looked at why aren’t we meeting that standard, when we peeled back the onion, what we discovered is, yes, there are manpower and training issues, but in 50 percent of the cases, it was IT failures that caused a delay in emergency response,” Brennan said.
Some installations have analog technology, like a phone management switch, that is degraded or failing.
“We can’t receive the call data from 911, the number and location data,” Brennan said. “If we can’t receive that information, we’re not going to be able to locate where the call’s coming from, and it’s going to delay our response.”
But criminals are also using advances in technology to stay one step ahead of law enforcement. Gurvais Grigg, the assistant director of the FBI’s laboratory division, said agencies need to overcome some of the bureaucratic challenges of government to stay in front of the bad guys.
“We create organizational constructs to help us organize our work and to focus our limited resources in those priority areas,” Grigg said. “In many ways, that is a great strength, because it gives us stability and predictability about an organization, how to route information through an organization. The challenge is our adversaries do not have to adhere to such constructs. In fact, they can be very agile and nimble. And so, one of the challenges we have is how can we, with our organizational constructs, maintain a level of agility to be responsive to that.”
But along with agility, Grigg said the FBI also needs to stay flexible and move resources around as threats change.
“We may allocate resources down a particular program, only to find out that the threat is shifting out of that. We need to be able to have dynamic threat prioritization,” he said.
In addition to its other responsibilities, HSI also works to track down cybercriminals on the “dark web,” where they can buy illegal drugs and weapons under total anonymity.
“If they’re trying to use a bulletproof virtual private network, we want to find a way to make it less bulletproof,” he said.
The technology probably remains decades away, but Denton said quantum computing could be a major breakthrough that could bust through most modern-day encryption.
“We get devices that we can’t get into that we know have evidence of crimes on them. We have technical solutions that we’re working on, but as we develop them, so do the criminals. Quantum computing comes around, it’s going to be a huge game-changer for encryption technology,” Denton said.