« More News Stories
November 11, 2010—The U.S. Secret Service yesterday presented its Director’s Recognition Award to two staff members of the CERT® Program, part of the Software Engineering Institute
at Carnegie Mellon University, for their contributions to the TJX
network intrusion investigation. The Director’s Recognition Award is
given to corporate or industry individuals or organizations who have
provided significant assistance to the Secret Service in its
investigative or protective mission.
Rich Nolan and Matthew Geiger
received the award from Eric Zahren, special agent in charge of the
Pittsburgh office of the Secret Service in a brief ceremony at the SEI
headquarters in Pittsburgh. Nolan is technical director of the Digital
Investigations and Intelligence Directorate (DIID) in the CERT Program,
and Geiger is a senior member of the technical staff in the DIID.
DIID works closely with federal law enforcement and intelligence
agencies to provide operational support, identify and develop tools that
address needs not met by commercial tools, and provide training to
improve the state of practice among digital forensic analysts.
TJX investigation involved a network intrusion that compromised
customer records at T.J. Maxx, Marshall’s, and other retailers. Eleven
individuals were indicted in 2008 in connection with the data breach,
one of the largest data breaches in U.S. history; they were allegedly
responsible for the theft of account data for more than 90 million
credit and debit cards over a six-year period.
reason for the award, Kenneth Jenkins, special agent in charge, Criminal
Investigative Division, said, “[In the TJX investigation] traditional
investigative techniques revealed that sophisticated and complex network
masking, encryption and other obfuscation techniques were being
employed as counter-measures to thwart investigators from identifying
suspects, their methods of operation, and the access, recovery and
seizure of digital evidence. In response, the [DIID] developed both an
innovative approach and custom tool to overcome these counter-measures.
This approach proved successful in recovering sufficient digital
evidence necessary for prosecution. The methods successfully employed by
the [DIID] will certainly become a mainstream investigative practice
that will benefit future Secret Service technology-based investigations.
They have also filled a definitive need within the current arsenal of
law enforcement digital forensic tools and techniques.”
individual government agency or entity alone can deal effectively with
what we’re going to face in the cyber realm,” said Zahren in the award
presentation. “The Electronic Crimes Special Agent Program
and Electronic Crimes Task Forces were initiated to bring agency
resources together with the expertise and creativity of our partners.
What you do at Carnegie Mellon and CERT is the ideal of that concept.”
Pethia, director of CERT, said, “We appreciate the strong relationship
that CERT has built with the Secret Service. Our relationships with law
enforcement agencies enable us to put our ideas to good use.”
a seven-year staff member at CERT, is a U.S. Marine Corps veteran and a
former Drug Enforcement Administration agent. Geiger, who joined the
SEI in 2006, has assisted U.S. federal agencies in several high-profile
cybercrime investigations as part of CERT's forensics team. Prior to
joining CERT, he worked for 14 years in Southeast Asia, including
founding a computer forensics company in Singapore.
Photo caption: Rich Nolan (left) and Matthew Geiger