WASHINGTON - Today the Secret Service hosted a virtual Cyber Incident Response Simulation for financial services, real estate, retail and hospitality executives who trained on mitigation strategies during a simulated business email compromise (BEC) attack. Business email compromise is a sophisticated scam targeting both businesses and individuals performing a transfer of funds. The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
The training was the sixth of its kind and the fourth virtual event hosted by the Secret Service and its Cyber Fraud Task Force (CFTF) partners. The simulation offered executives who play an active part within their organization’s cyber incident response teams a scenario to enhance planning, collaboration and information sharing between private organizations and the Secret Service.
“While there are many cyber threats to businesses, we have recently observed a wholesale increase in the broad area of cyberattacks known as business email compromise, or BEC attacks,” said Secret Service Director James M. Murray. “These attacks are a form of cybercrime in which criminal actors, using various means, compromise and infiltrate an information system to steal real-time, privileged information. Our ability to effectively respond to cyber incidents like the one we are modeling in our exercise today is tied closely to the strength of law enforcement’s partnerships with businesses and organizations.”
As the cyber mission of the Secret Service expands, the agency has adopted a multifaceted approach inclusive of education and information sharing, as well as the enhanced development of partnerships with industry representatives. Event participants worked through a uniquely designed cybercrime crisis role-play simulation to gain experience, knowledge and a better understanding of how to efficiently and effectively respond to a BEC attack.
The event featured guest speakers from across law enforcement as well as industry executives who discussed a range of topics including:
- Partnerships between the Secret Service, Department of Defense, Europol, European Cyber Crime Center, Financial Services Information Sharing and Analysis Center and FinCEN;
- the complex cyber-threat environment;
- the needs of organizations victimized by cybercrime, and;
- the capabilities, investigative processes and tools of the Secret Service, specifically the capabilities of the Cyber Fraud Task Force partners.
To learn more about the Secret Service investigative mission, visit us at: www.secretservice.gov/investigation.