I'm not sure if involving USSS helps in apprehending someone if you can't identify him. They have legal powers (although, MIT once it started acting as agents of the federal government lost some of their ability to act on their own private infrastructure...), and can do wiretaps on other networks, subpoenas, search warrants, etc., but if the crime is going on in your own facility, and you own the network, you are probably in a better position to observe what is going on than the USSS is.

Once you identify a person, USSS is certainly more capable of investigating him and apprehending, but at the sage of network cat and mouse, I'd put a decent sysadmin above the SS.

I think it can be very helpful. MIT had no idea they were dealing with a single individual or if they were dealing with an entity who was only targeting them. Pooling information from other potential victims through law enforcement seems like an obvious win.

Moreover, once they discovered the hardware Swartz had left, law enforcement could be extremely helpful by running fingerprints; MIT does not have access to the FBI's fingerprint database.

I agree it could help at that stage, and if this had been a sensitive private network, I'd err on the side of overkill. A university network, especially one as historically open as MIT, is different. Nothing he did was that out of the range of normal user behavior -- changing your dhcp reg, manually assigning an IP in the right range, etc. are all things people do when airport/hotel/etc. networks don't work. Leaving a hidden laptop plugged in is actually something I did a couple times (as a student) to download linux ISOs, mailing list archives, etc. (since we only had a T1 at the house, and the on-campus network was faster).

I'll wait until Abelson's report, though.