Blockchain is empowering business but also a growing cadre of cyber criminals
Cryptocurrency and crime are like marinara sauce and pasta. They fit. Let’s look at the factors involved: there’s crypto anonymity, little to no regulation, no refund, the seller cannot reverse the transaction, the process is super-fast, and there’s a huge international underworld. That’s catnip for criminals.
The 100 percent-anonymous altcoins like Monero, ZCash and MimbleWimble are perfect for hiding illicit tracks. Bitcoin is insufficient, since law enforcement and security experts use the addresses on its ledger to track transactions to their sources, as well as the time of these transactions and the amount sent. In contrast, Bitcoin variants like Monero not only encrypt and fake addresses, but also obscure the amount of the transactions, making Monero and its ilk perfect for criminals. As recently as last December 18, thieves hacked 190,000 WordPress websites per hour for Monero, according to security company Wordfence.
Other criminal-endearing cryptos are “mixes” like CoinShuffle++ and TumbleBit, that bundle transactions together. When legal transactions are muddled with illegal ones, law enforcement has a harder time uncovering tracks.
Criminals, also, have the Onion Router (Tor), which anonymizes the IP address of the user. Tor is notorious for contraband transactions on the Dark Web and “one of the biggest challenges for potential Bitcoin regulation and enforcement”, writes Kavid Singh, Assistant Attorney General at the Texas Office of the Attorney General.
As Albert Mavashev, CTO at Nastel Technologies told Forbes, “Blockchain technology will evolve very quickly to become untraceable. Currently, I don’t see what law enforcement can do to stop this.”
2. Little to no regulation
The blockchain was formed to deter government regulation. But, this state of affairs seems to be drawing to an end with the US, UK and EU governments planning a crackdown on Bitcoin, amid growing concerns that the digital currency is being used for money laundering and tax evasion. Traders will be forced to disclose their identities, with nodes driven to practice the same KYC and due diligence practices that offline payment gateways do. Exchange traders’ activities would also be supervised by national authorities.
Of course, this would need the consensus from multiple banks, exchange centers and financial institutions to allow the government to monitor cryptocurrency transactions.
Then again, national authorities would, somehow, have to produce a totally new approach to monitoring bank products on a blockchain that uses zero-proof technology, since traditional approaches to law enforcement are insufficient.
Perhaps the best advice comes from Texas Assistant Attorney General Singh, who told Forbes, “Regulators should pursue a balanced approach: one that fosters Bitcoin’s benefits and deters money laundering.”
Singh added, “[Regulators need to understand] that at a certain point regulation will be ineffective against anonymous users.”
3. Sellers cannot refund or reverse the transaction
No refund or transaction reversal is the frosting on the cake. Thieves have the money in their hands. The seller cannot reverse the transaction. Police cannot scout criminals. Their identities are secure. In the offline world, back-and-forth dispute can help enforcement to track them. Here, immediate and final settlement of the deal makes the buyer irrevocably the loser.
4. Speed of transactions
Blockchain transactions are relatively fast – about 116 minutes for Bitcoin to about 26 minutes for Bitcoin variants like Monero. By the time law enforcement whiffs the crime, thieves are off and vanished. In the “normal” world, money gets held up until transactions clear. Furthermore, gateway payments like Amazon or PayPal have arbitrators ready to step in and mediate the process or remand the payment. With the blockchain, there’s none of that. Zoom! Criminals are off with money in their hands.
5. A huge international network
Cyber criminals have the world at their fingertips. The blockchain puts them in touch with dubious opportunities in every nook of the world. Best of all, some of these developing countries have toothless regulatory authorities and little to no law enforcement. What could be better? A platform like Monero scrubs out the hacker’s identity, while the peer-to-peer ledger connects them with offshore areas where thieving is the norm.
The crypto game of cops and robbers provides plenty of ammunition for the criminals, where thieves have the benefits of crypto anonymity, little to no regulation, no refunds, a super-fast process, and a huge international underworld to hide their identities and expedite their trades.
More recently, US, EU, and UK governments started fighting back with plans to regulate nefarious activity. These would include attempts to force traders to disclose their identities through KYC and due diligence practices, among others. Law enforcement also use the methods of deanonymization and anomaly detection. The first is used when criminals squirrel out of their hiding places and trade cryptocurrency for fiat currency, giving law enforcement something to follow. Anomaly detection follows the principle that illegal transactions differ from legal ones in that they’re anomalous and suspicious, and therefore indicative of illicit activity.
“Tracking and monitoring liquidity movement within and across blockchains could be used for law enforcement by monitoring a set of addresses and where money is going,” Mavashev explains. “Law enforcement can use Nastel transaction analytics tooling to perform forensics as well as to see patterns in seemingly unrelated on and off chain transactions.”
On the other hand, most ransomware requests bitcoins and victims usually use bitcoins, so criminals go through a three-step process, getting the bitcoins that they convert into Monero (or the like), and converting this into fiat – which is where police can catch them.
On the flip side and rather ironically, the Council of the European Union recently reported that complex technology of Bitcoin, Ethereum and other digital forms of money and their limited technical support deter criminals.
Still, to date, billions of dollars have been stolen from Bitcoin alone.
In fact, as the SEC observed: part of the reason that cryptocurrency succeeds is because of crime. And cryptocurrency crime is here to stay.