What Bitcoiners Are Doing to Fight Ransomware
How the digital currency community is helping law enforcement agencies get the information and tools they need. This article originally appeared in Fortune.
A recent wave of high-profile ransomware attacks has swept the globe and brought with it attention to Bitcoin. It’s not surprising that if a person’s first exposure to cryptocurrency is a screen warning them that their files are inaccessible and demanding a ransom be paid in bitcoin, they will associate this technology with criminal hackers.
However, that’s far from the full picture. There is a vibrant developer community that is using open blockchain networks like Bitcoin to build out the future of Internet infrastructure and fundamentally improve the way we transact online. To allow a few bad actors to tarnish this innovative technology would be a mistake.
Ransomware long predates the invention of Bitcoin. Some of the first ransomware involved victims sending cash in the mail to a post office box in Panama. Every existing method of online payment, be it mailing cash or PayPal, has been abused by criminals in some way. Bitcoin, like its predecessors, is simply a better way to transact online. It’s fast, reliable, verifiable, and does not need any kind of permission to be used. And that’s why criminals like it.
Using a better means of payment, however, does not put criminals out of law enforcement’s reach. Cooperation with bitcoin businesses and a growing forensic toolkit for bitcoin transaction analysis have made it harder than ever to get away with using Bitcoin for criminal activities like ransomware.
For one thing, bitcoin exchanges that service the U.S. are subject to the Bank Secrecy Act. This means that they must collect detailed identifying information on their users. Any time an illicit actor converts their bitcoins into their local currency through one of these exchanges, they can be identified. Further, suspicious activities such as large transactions or deposits from known bad actor Bitcoin wallets are flagged and automatically investigated. Exchanges are required by law to provide these records to law enforcement when appropriate.
Bitcoins can also be perfectly tracked within the Bitcoin system itself. The Bitcoin blockchain is a publicly available ledger of every bitcoin transaction ever made. Anyone can download and analyze it, and free online tools exist to help with that. Several companies have also developed sophisticated tracking tools specifically designed to help law enforcement and compliance professionals follow the movement of bitcoins, such as those paid to a ransomware address. This is how the the corrupt DEA and Secret Service agents that stole money during the investigation of the Silk Road darknet market were caught. Through pattern recognition and other advanced techniques, these tools make it much more difficult to get away with criminal use of the bitcoin network.
Industry has also been helpful to law enforcement with its participation in the Blockchain Alliance, a public-private forum between companies in the space and dozens of U.S. and global law enforcement agencies. The alliance is a resource for law enforcement, where agents can feel comfortable asking technical questions to some of the brightest minds in this space. It’s also a resource for the blockchain community to understand the interests and concerns of law enforcement and regulators about the blockchain and its applications.
The Internet was once a haven for criminals. They adopted it before law enforcement had time to get its bearings, understand the technology, and develop techniques for combating its illicit use. Now it’s universally considered a neutral, purpose-agnostic tool that can be used for any purpose, be it good or bad. Bitcoin will likely undergo the same evolution as law enforcement adapts to the technology with the help of some of the very businesses that want to see it grow.