recommended reading

Military Illegally Aided ICE in Money Laundering Case, Civil Rights Lawyer Says

Sergey Nivens/

The military’s Special Operations Command and an agency of the Homeland Security Department engaged in an investigation of a $2.5 billion money laundering scheme that violated long-standing policies that preclude military forces from participating in law enforcement activities, a top civil liberties lawyer told Nextgov.

The Washington office of the Tampa-based SOCOM used sophisticated social media monitoring and data mining tools to aid the Immigration and Customs Enforcement's National Bulk Cash Smuggling Center in an investigation of money laundering activities conducted by several multi-national and U.S.-based companies, according to an internal SOCOM after action report obtained by Steven Aftergood of the Federation of American Scientists.

The report details a project called “Quantum Leap,” which SOCOM kicked off in August 2012. It says the command should take a “global view” of what it called counter threat finance operations that should have a “national priority.” The report said SOCOM derives its authority for such operations from an August 2010 Defense Department policy memo on the subject, which said Defense “shall work with other U.S. Government departments and agencies and with partner nations to deny, disrupt, or defeat and degrade adversaries’ ability to use global licit and illicit financial networks to negatively affect U.S. interests.” The memo names SOCOM as the “lead component for synchronizing DoD CTF activities.”

Mike German, senior counsel for the American Civil Liberties Union, said SOCOM’s participation in the investigation violates the 1878 Posse Comitatus Act, which bars the use of the military in law enforcement activities.

German made his comments based on the caveat that the document obtained and posted by Aftergood on his Secrecy News blog yesterday “was real, and accurately describes” the SOCOM operation and partnership with ICE. In an interview, Aftergood vouched for the legitimacy of the Quantum Leap report, but noted that it was a draft.

SOCOM spokesman Ken McGraw told Aftergood, “We cannot confirm the validity of any of the information listed in the [Quantum Leap] after action report. The only information we have received so far is the program is no longer in existence and the people who worked on the program are no longer there. We will provide you additional information when we get it.” McGraw is on furlough today and SOCOM did not respond to a query from Nextgov.

German said it was “entirely inappropriate” for the money laundering investigation to target U.S. companies, which, according to the report, were engaged in legal as well as illicit actives.

Industry Access Concerns

According to the SOCOM after action report, a dozen private companies, including defense industry giant Lockheed Martin Corp., participated in the Quantum Leap exercise. German expressed concern that personnel from these firms were provided access to “active law enforcement investigative files.”

The report said these companies signed non-disclosure agreements to “permit open sharing of proprietary and law enforcement sensitive information among the participants.”

The report names only one individual, ICE intelligence analyst John Clifton, who “provided background on the case, which included a wide range of examples and the tactics of advanced money laundering activity.”

Danielle Bennett, an ICE spokeswoman, declined to comment on the SOCOM report and money laundering investigation as it concerns an active case.

The SOCOM/ICE team used primarily open source technologies to identify and exploit the human, commercial and information networks associated with the case.

The team relied heavily on the Raptor X geospatial information system tool developed by the Energy Department’s Special Technology Laboratory. SOCOM has used it to provide a common operational picture in tactical operations centers.

Raptor X is an open architecture that relies on "plug-ins" to import and exploit data. ICE and SOCOM used a “Social Bubble” tool from Creative Radicals, LLC of Sausalito, Calif., to pull data from Twitter feeds and geo-locate Twitter users.

“This tool was heavily used to explore human networks associated with the CTF scenario and enabled identification of various entities: people, businesses and locations associated with the money laundering network,” the report said.

Twitter, which is currently the main source of public social media content, has grown from being used by only 8 percent of American Internet users in 2010 to being used by 18 percent of Americans in May, according to a report released this week by the Pew Internet and American Life Project.

Social Bubble appears to have mostly harvested information from Twitter’s application programing interface, a publicly available tool that allows developers to automatically pull selected tweets and information attached to them such as time and date stamps, location information and pictures into an external system or website. The API would not give SOCOM access to any private information such as Twitter users' direct messages.

German said the use of metadata -- such as telephone records harvested by the National Security Agency -- illustrates that privacy laws have not kept pace with profound changes in technology.

Aftergood said that in some ways the SOCOM/ICE operation is more disturbing to him than the NSA data collection operations as  the money laundering investigation relied on open source data.

Creative Radicals offers a variety of product design and consulting services, according to its website, but doesn’t have a history of non-intelligence government contracts, according to the contracts repository at The company did not respond to a request for comment left by Nextgov on Tuesday.

Other Quantum Leap vendors mined deeper into the Internet, the report said. The firm Cybertap, for instance, used an “Ethernet tap” to recreate PDF and HTML files that had been exchanged over the Internet, while G. Intrusion Inc. pulled information and relationship data from the “deep Web,” meaning Internet data that isn’t indexed on the World Wide Web.

Other Quantum Leap vendors supplied tools that mined through open source financial and shipping data to spot connections between companies that weren’t readily apparent. Lockheed Martin was an observer at Quantum Leap but did not demonstrate any of its technology.

While social media is ripe for mining actionable intelligence, that could soon change, the report said. “We are currently in a ‘window’ of opportunity for exploitation of social media sources for application to CTF [counter threat finance] or other SOCOM NCR missions. This window could be as narrow as 18-24 months before the social media phenomenon transforms. This future transformation is unknown and could offer additional opportunities, or existing opportunities could be closed, but the only thing that is certain is that there will continue to be rapid change.”

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.