Rogue nations and criminals are aggressively exploiting cryptocurrencies - FBI veteran
Cybercriminals appreciate cryptocurrency for being instant, liquid, and borderless. Yet it is not totally anonymous, and experts can trace some of it back to illicit activity.
Even if we were to eliminate cryptocurrency, ransomware wouldn't go anywhere. It's just that the unregulated cryptocurrency market makes crooks' job of laundering money easier. Not too easy, though. Sophos principal research scientist Chester Wisniewski once told CyberNews that laundering money is probably the most challenging attack component.
Gurvais Grigg, a 23-year FBI veteran and retired Senior Executive who is now Global Public Sector Chief Technology Officer at Chainalysis, claims that cryptocurrency is not totally anonymous. It is possible to map interactions between real-world entities. Blockchain data is public but not human-readable, so Chainalysis helps government and commercial clients investigate blockchain activity.
"We help interpolate that and make it human-readable by mapping it back to the real-world entities. If you look at it, over two-thirds of Bitcoin activity involved a service. Why is that important? It means there are records regarding those transactors," he explained during the MIT Tech Review CyberSecure conference.
Cryptocurrency exchanges, just like banks and other financial institutions, are regulated. That means they have a "Know Your Customer" (KYC) requirement. The point of KYC is to confirm that a customer is who they claim to be and to prevent illegal activities.
"It means you must provide information about who you are, background verification, and copies of documents, and such. Then we help our customers map these transactions to the blockchain and then map those back to the services, that gives them back a point of entry to provide a legal process to understand who might be involved," he said.
These services can have tens of thousands or even millions of addresses. Chainalysis clusters those addresses to identify what each cluster might be associated with and whether it carries risk.
"In the law enforcement context, they might be looking at the subject's activity to see whether they have any risk of exposure to illicit activity. Are they going on the dark web and buying services using cryptocurrency, child exploitation material, or ransomware? Could those proceeds moved through that exchange be derived from the ransomware campaign? And because of reporting by victims and the aggregation of data by government agencies and like-minded cybersecurity firms, we can then identify those illicit transactions," he explained.
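The clustering and exposure check described above can be sketched in a few lines. This is an added example, not Chainalysis code: it assumes the publicly documented common-input-ownership heuristic (addresses spent together as inputs of one transaction share an owner), and the transactions, addresses and tags are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: (txid, input addresses, output addresses).
TXS = [
    ("t1", ["A1", "A2"], ["X1"]),
    ("t2", ["A2", "A3"], ["S1"]),   # A3 co-spends with A2, deposits to S1
    ("t3", ["R1", "R2"], ["A1"]),   # R1/R2 cluster pays A1
    ("t4", ["B1"], ["S1"]),
]
# Constructed tags, standing in for victim reports and service attribution.
TAGS = {"R2": "ransomware", "S1": "exchange"}

def cluster(txs):
    """Map each address to a cluster id; inputs spent together are merged."""
    parent = {}
    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a
    for _, ins, outs in txs:
        for a in ins + outs:
            find(a)
        for a in ins[1:]:
            parent[find(a)] = find(ins[0])
    return {a: find(a) for a in parent}

def cluster_labels(owner, tags):
    """A tag on one address applies to every address in its cluster."""
    labels = defaultdict(set)
    for addr, tag in tags.items():
        if addr in owner:
            labels[owner[addr]].add(tag)
    return labels

def exposure(txs, tags, subject):
    """Tags of clusters the subject's cluster directly received from or sent to."""
    owner = cluster(txs)
    labels = cluster_labels(owner, tags)
    me = owner[subject]
    result = {"received_from": set(), "sent_to": set()}
    for _, ins, outs in txs:
        if any(owner[a] == me for a in outs):
            for a in ins:
                if owner[a] != me:
                    result["received_from"] |= labels[owner[a]]
        if any(owner[a] == me for a in ins):
            for a in outs:
                if owner[a] != me:
                    result["sent_to"] |= labels[owner[a]]
    return result
```

In the sample, address A3 never transacts with the tagged address R2, yet `exposure(TXS, TAGS, "A3")` reports ransomware exposure because A3 clusters with A1, which was paid by R2's cluster; the deposit to the tagged exchange S1 is the point where service records would exist.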
However, according to a 2020 study by blockchain analysis firm CipherTrace, nearly 56% of all cryptocurrency exchanges have weak or porous KYC. Lack of KYC at decentralized exchanges, CipherTrace argued, increases money laundering risks.
Criminals have always been early adopters of new technology and are making full use of cryptocurrency. Rogue nations, authoritarian states, and criminals are aggressively exploiting cryptocurrencies due to their convenient nature - the transactions are instant, borderless, and the currency itself is liquid.
Malign actors leverage cryptocurrency for ransomware, money laundering, cryptojacking, human trafficking, domestic extremism, child exploitation, frauds and scams, terrorism, narcotics, and many more illicit activities.
For governments, blockchain provides an opportunity to avoid international sanctions. For example, Iran views crypto as a means to evade sanctions and finance weapons programs. North Korea conducts ransomware campaigns to offset sanctions and finance weapons programs (Lazarus Group). North Korean hackers stole more than $1 billion worth of cryptocurrency in exchange hacks and have conducted cryptojacking campaigns.
Cryptocurrency, according to Grigg, is making its way to the mainstream and is here to stay. From 2020 to 2021, global cryptocurrency adoption increased by 880%.
A recent report from Crypto.com estimated that as of January 2021, roughly 106 million people now hold cryptocurrency or, put differently, approximately one in every 73 people on the planet.
The growth of cryptocurrency ATMs also points to the popularity of cryptocurrency. According to Grigg, there are over 30,000 cryptocurrency ATMs worldwide, with 87% in the US. Once, he tried to find the nearest cryptocurrency ATM and learned that there were nine of them close to him.
Using ATMs, cybercriminals can cash in small amounts of money without declaring it and drawing law enforcement attention.
And while crypto exchanges are regulated, there are usually no regulations on crypto assets.
According to the Sophos 2022 Threat Report, cryptocurrency will continue to fuel cybercrimes such as ransomware and malicious crypto mining. Sophos expects the trend to continue until global cryptocurrencies are better regulated.
The September 2021 sanctions announced by the US against Russia-based cryptocurrency exchange SUEX OTC alleged that 40% of the known transactions on the exchange were used to transfer money to known cybercriminal groups, including at least eight groups operating ransomware campaigns. One ransomware group sanctioned in 2019, known as Evil Corp, appears to be attempting to evade these sanctions by rebranding its ransomware under several distinct names.
"As a method of evading sanctions, cryptocurrencies are well suited to the task, which may be why criminals based in regions of the world that remain under traditional economic sanctions exclusively deal in cryptocurrency. Beyond that, because cryptocurrency is anonymous, it can be difficult to determine where the money ends up. And as cryptocurrency has gained favor in sanctioned countries, it's not surprising that we've observed illicit cryptocurrency miners spreading in the wild that send their output to organizations based in those places where people cannot use the traditional banking system," the Sophos report reads.