A contract between the Internal Revenue Service (IRS) and a threat intelligence firm Flashpoint in which a sum of $65,000 was paid.The contract was for the provision of dark web intelligence services and has been obtained by Motherboard through the Freedom of Information Act.
The document corroborates public records which show that the IRS paid the intelligence firm to use their platform and their API in order to access the remotest of locations of the dark web.
The document itself is brief and devoid of any deeper details although it does illustrate an increasing number of partnerships between government agencies and these threat intelligence firms that specialize in providing information from the dark web.
Previously, a few other agencies including the Immigration and Customs Enforcement which paid $150,000 to use Flashpoint’s array of products, the Secret Service, and Citizenship and Immigration Services have hired Flashpoint at one point in order to gain access to their dark web-centric services.
A Growing Symbiosis
It appears that government agencies and dark web threat intelligence services are quickly forming a synergistic relationship when it comes to tackling crime on the dark web.
The IRS, which has previously been involved in a couple of dark web cases including that of an AlphaBay heroin dealer and in the case of George Cotrel, is becoming a more prominent force in the fight against cybercrime.
What Flashpoint is offering its clients, according to their website, are tools and services that are beyond the reach of most law enforcement agencies.
Outsourcing tasks like dark web intelligence analysis provide these agencies with a way to mitigate the rampant crime on the dark web without using up too many resources or requiring the formation of a specialized task force.
The contract between the IRS and Flashpoint will terminate on June 31 this year pending any further contract extensions.
“We take our customers’ privacy very seriously” – Flashpoint
It remains unclear why exactly the IRS decided to contract the threat intelligence firm to scour the dark web on their behalf.
CEO and co-founder of Vera, Ajay Arora, speculates that the IRS is focused on curbing the ongoing criminal exchange of Personally Identifiable Information (PII) and Protected Health Information (PHI) in addition to an assortment of criminal activity that concerns the tax agency.
Reducing identity theft could be one of the reasons the IRS is now on the dark web, according to Cyphort senior director Mounir Hahad.
The increasing number of identity theft cases is without a doubt cause for concern for the agency especially since these stolen caches of information can be used to fraudulently acquire tax refunds.
According to Hahad, it is possible that the IRS has instated measures that will alert them to the presence of stolen social security numbers on the dark web via Flashpoint’s array of threat intelligence tools.
Cyphort senior director of threat operations Nick Bilogorskiy has no doubt that Flashpoint is a threat intelligence provider worthy of its reputation.
According to him, the IRS is trying to avoid a repeat of last year’s tax season which saw a 400 percent increase in the number of phishing and malware attacks.
Furthermore, the IRS breach of 2015 in which 700,000 taxpayer accounts were compromised and the fact that the agency fights off over one million hacking attempts every day could be the basis of their search for a specialized threat intelligence firm.
Flashpoint refused to delve into the specifics of their contract between them and the IRS when approached by SC Media, citing company policies.