The Woodard Report

IRS Criminal Investigations Report on Cybercrimes

Written by Cathy Roth | Nov 19, 2021 7:00:40 PM

The Internal Revenue Service's Criminal Investigation Division recently released its annual report highlighting investigations during fiscal year 2021. The report includes information about the Cyber Crime Unit, types of crimes that are investigated, and descriptions of a few significant cases. 

In the summary of the annual report published yesterday, statistics of both tax crimes and non-tax crimes were provided. The 49-page annual report may be accessed here

Overview of the Cyber Crime Unit

IRS Criminal Investigations (CI) created the Cyber Crime Unit (CCU) in 2015. The unit has focused on countering the exponential growth of cybercrime affecting the US tax, financial, and economic systems. CCU maintains a headquarters office and coordination in each of the 21 CI Field Offices.

In addition, CI proposes to open an Advanced Collaboration & Data Center (ACDC) in 2022 in the Northern Virginia area. The center's focus will be to bring Treasury and other government data, technology and specialized personnel together to develop high-impact solutions to safeguard our tax and financial systems. CCU and Cyber Support Units of the Washington, D.C. field office will endure that ACDC maintains an operational focus. 

Types of Crimes Investigated by CCU

As the use of technology grows, so too do  "the internet and internet-based technologies that enable criminals to engage in illegal activity with anonymity and without a defined physical presence." These types of crime are divided into two types. First, field office special agents investigate these types of crimes at a more local level. However, when these crimes reach a level that includes multi-jurisdictional offenses that pose "the most significant threats to the U.S. tax and financial systems," CCU leads the investigation. These types of crimes typically involve the use of cryptocurrency.

Two trends have appeared over the past several years. First, the rate of growth is increasing in the number of criminals using internet-based resources in Stolen Identity Refund Fraud (SIRF), COVID-related payment fraud, and other refund fraud using the tax system. Second, data loss reports to the IRS are dramatically increasing, including data intrusions, business email compromises, phishing schemes, and bank account takeovers targeting financial data, prior year tax returns, and payroll records. 

These types of investigations lead to the development of defensive strategies to help identify and prevent further losses associated with fraudulent crimes. 

Identification of CryptoCurrency Owner Resulting in Federal Seizure

Recently, we published an article asking the question "Are Cryptocurrency Transactions Really Private?"

A recent investigation by CCU answered that question with a resounding, "NO!"

Silk Road creator Ross Ulbricht was convicted in 2015 on seven counts involving narcotics and money laundering. At the time, the money from the criminal enterprise wasn't found. In November of last year, at least part of it was located and seized. 

CCU analyzed bitcoin transactions in conjunction with a third-party bitcoin attribution company. They were able to identify 54 transactions in or around 2012 and 2013 that were tracked to a bitcoin address connected to an individual who had previously hacked (stole) the funds from Silk Road. Because the funds were originally the proceeds of unlawful activity, several thousand Bitcoins were seized on November 3, 2020. The next day, the coins were valued at over $1 billion.