How the Secret Service Protects the President Against New Cyber Threats
Foiling assassins and breaking up bank scams is all in a day’s work for Secret Service agents. But in recent years, the job has grown harder. Today, agents must also protect the President against a host of new Internet threats and track criminals to far-flung places.
The Secret Service, which began as a Civil War anti-counterfeiting squad, today has a mission that lies at the intersection of Washington, Wall Street, and the Internet. To get an idea of how the storied agency is faring in the cyber age, Fortune spoke to a long-time veteran of the service and others familiar with its work.
Cyber Threats to the President
If you picture a Secret Service agent, he would probably look like Scott Sarafian, a tall and clean-cut figure in a navy suit with specks of gray in his hair. Sarafian speaks deliberately and likes to use a lot of acronyms. We met on a cold morning at the Secret Service field office in downtown Brooklyn, N.Y.
The office is on a top floor of a tall building and offers stunning views of New York harbor and the banking temples of lower Manhattan. Many people don’t know the original mission of the Secret Service, which was part of the Treasury Department until 2003, was to solve financial crimes. It was only in 1901, following the assassination of William McKinley, that Congress gave the agency its second mission of protecting the President.
When it comes to protection, there is danger from lone lunatics like John Hinckley Jr., who tried to shoot President Ronald Reagan but was foiled as brave Secret Service agents used their bodies to block bullets. But there also are more subtle threats, including the growing number of everyday objects that are connected to the Internet and are susceptible to hacking.
“The Secret Service realized not only do we need to control the physical environment but the virtual environment too,” said Sarafian, who listed elevators, heating and ventilation systems, and lighting as part of a long list of Internet-connected items that agents must secure before a President arrives in a new location.
Get Data Sheet, Fortune‘s technology newsletter.
To illustrate the potential danger, Sarafian gave the example of an Internet-connected thermostat compromised by a hacker.
“If the President came to this room we would worry not just about the physical safety, but the heating of this room—if they were to heat this room to 95 degrees and force everyone into an alternate room, that would be a problem because someone could be waiting there,” he said, adding the agency meets with building managers to identify any device that can be controlled via the Internet.
It’s not just buildings. The organization and its more than 3,000 agents also guard against threats posed by Internet-connected cars, traffic lights, and other infrastructure. And, of course, there is the matter of cell phones used by the President, the Vice-President and their families—who are called “protectees” in the agency’s argot.
“The Secret Service looks at this not as a phone but as a computer that happens to make phone calls. We provide best practices to our protectees regarding cyber hygiene and how to secure the safety of their device, as well cyber hygiene as it relates to email and apps on their device,” said Sarafian.
He confirmed the agency provides cyber briefings to President Trump, whose free-wheeling use of his Android phone has raised eyebrows in the security community, but declined to provide any details about those briefings.
“Unlimited cash-out” and a new breed of computer crime
Like other fabled American institutions, the Secret Service has had some high-profile setbacks in recent years. These include a booze-and-sex scandal in 2012 that resulted in the agency imposing a new personal conduct policy, as well as a discrimination lawsuit that resulted in a cash settlement for African American agents.
But the incidents don’t seem to have taken a permanent toll on the Secret Service or its work. In background conversations with Fortune, people from the financial industry and other branches of law enforcement praised the agency for its discretion and cyber-savvy. If a bank executive learns of a security breach on a Sunday morning, for instance, he or she is likely to make a quiet call to the Secret Service.
The agency is also involved in high-profile investigations like the “unlimited cash-out” case, which caught cyber criminals who used the Internet to override daily withdrawal limits on ATM machines. The scheme saw the masterminds deploy mules with fraudulent debit cards to drain $50 million from ATMs in 12 hours across 25 countries. The Secret Service apprehended the ring leaders, who now face trial, by using a ruse to lure them to a country with an extradition treaty with the United States.
The ATM scam is just one example of the new sort of financial crimes the Secret Service must confront in the digital age. Another comes in the form of hackers who hijack connected consumer devices, including security cameras and printers, and use them to attack websites. Meanwhile, the agency also tracks the so-called “dark web” where criminals sell sensitive information on hidden websites. While crime on the dark web is nothing new, Sarafian says top cyber crooks are now less interested in credit-card information or personal data, and are instead focused on acquiring information about banks’ Internet connections or stolen software.
To keep up with the threats, the Secret Service coordinates a task force of banking executives, academics, law enforcement bodies and others. The task force meets regularly in New York to share information about the latest cyber threats, while the agency has also set up dozens of similar forums around the world.
At the end of the day, when it comes to cyber crime, Sarafian says it’s the job of the Secret Service to protect and inform the U.S. financial industry without pointing fingers. He makes an analogy to another sort of crime to describe the agency’s approach.
“I don’t care if your car got broken into because you left your car unlocked. My job is to get the bad guy who broke into the car.”