Digital intelligence must overcome challenges to solving crypto crimes

August 20, 2021

While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem.

However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly trained personnel to investigate these types of crimes when they arise.

Digital intelligence (DI) is a two-part definition — the data collected from digital sources and data types (think smartphones, computers and the cloud), and the manner in which agencies access, manage and obtain insights from that data to effectively run investigations. For law enforcement to investigate crypto-related security incidents, it must be equipped with the proper tools and expertise to drive these investigations forward. When investigators know what they’re looking for, and are equipped with the right tools and expertise to analyze and follow those leads, crypto starts to look less like an “invisible” web and more like the DI operations that investigative teams are used to.

Related: Declaring a crackdown? What to make of the DoJ crypto framework release

According to a report on cryptocurrency enforcement by the United States Attorney General’s Cyber-Digital Task Force within the Department of Justice, crypto-based crimes fall into three categories:

1. Using cryptocurrency as proceeds of crimes

Bitcoin (BTC) was pushed into the global media because of a series of high-profile, international criminal cases linked to the darknet in 2013. At that time, Bitcoin was the only form of currency on the dark web. After several successful government seizures, anti-regulatory computer developers created Monero (XMR), Dash, Zcash (ZEC) and other privacy coins designed to obfuscate the public ledger, which makes it difficult for law enforcement to track and seize assets.

Related: Darknet, cryptocurrency and two intersecting health crises

Legitimate businesses typically do not use the darknet to sell goods and services, but that does not mean legitimate goods are not offered on the darknet. Stolen goods, counterfeit products and copied software with stolen activation keys are easily found with steep discounts.

Businesses also face the risk of information theft. Selling bank accounts, employee records, customer records and proprietary information is one of the most lucrative ways criminals make money on the darknet. In 2019, cryptocurrency intelligence firm CipherTrace found that 66% of the products and services offered by darknet vendors throughout the year stemmed from the stolen payment products of compromised financial institutions.

Related: Privacy-preserving computation on blockchains could prevent breaches

The easiest and fastest way to find these criminals is through advanced crypto trackers and analytics programs.

2. Money laundering and hiding financial activity

When criminals make money through unlawful activities like drug sales, fraud, weapons trafficking or human trafficking, they need a way to convert the illicit funds to make them appear legitimate. This process is called “money laundering.”

Because of its ease of use and pseudo-anonymity, crypto-money laundering is quickly becoming a significant method for moving and laundering money. Within a few minutes, cryptocurrency can be transferred transnationally, converted into any other cryptocurrency or traded for real assets.

Related: The United States updates its crypto AML/CFT laws

3. Crypto on crypto crime

Some crypto criminals choose to focus their efforts on cryptocurrency users and exchanges.

In 2018, three North Korean military hackers — who were indicted in February 2021 — successfully stole and extorted more than $1.3 billion of fiat and cryptocurrency from financial institutions and companies. As Assistant Attorney General John Demers said:

“North Korea’s operatives, using keyboards rather than masks and guns, are the world’s leading 21st-century nation-state bank robbers.”

Related: North Korean crypto hacking: Separating fact from fiction

In 2020, around $1.5 billion was lost because of fraud and misappropriation, according to CipherTrace’s “2020 Cryptocurrency Crime and Anti-Money Laundering Report.” DeFi-related crime only continues to rise quarter over quarter.

These types of investigations pose many challenges for both the government and private businesses. The technology behind the cryptocurrency system is complex and rapidly evolving. Not surprisingly, police agencies are struggling just to keep up with the latest security patches and required hardware to successfully solve cases.

Clearly, the use of cryptocurrency is not a passing trend, as interest in crypto has dramatically increased. Law enforcement may be tracking certain crypto wallets or addresses, which can result in pinpointing a suspect behind the transactions. New developments in digital intelligence give the investigative teams the ability to visualize transactions and follow virtual paper trails that can uncover evidence about individuals who commit crimes.

Related: Bitcoin can’t be viewed as an untraceable ‘crime coin’ anymore

Training and education is the key

One of the first obstacles for law enforcement in dealing with crypto is perception. Cryptocurrency is new and evolving, so people perceive it as complicated, which means that training and education are critical. Investigators and agencies must have the necessary skills to optimize practices and techniques, but it may be difficult for police command staff to see the importance of cryptocurrency training because these types of investigations are new to law enforcement.

Related: How do DeFi protocols get hacked?

Agencies faced the same hurdle a decade ago when command staff did not feel cell phone investigations were important. Many teams were not investigating mobile devices because they lacked the tools and training necessary to do proper cell phone data analysis. Today, nearly every crime has some relation to a cell phone. In the near future, almost every financial crime will have some connection to cryptocurrency, as crypto is the inevitable future of money.

New investigative tools

The second tier consists of investigative tools. These are physical tools used to collect data from devices and software used to analyze the collected data. To create the best tools for crypto investigators, teams need solutions built around a comprehensive blockchain search engine tool that gathers massive amounts of data points to track cryptocurrency addresses through dark markets, exchanges and crypto ATMs.

New solutions entering the market give teams the ability to surface cryptocurrency artifacts to serve as “leads” to start a blockchain investigation.

Related: Outwitting crypto criminals: Why exchanges have to go the extra mile

Advancements in cryptocurrency technology have pushed experienced criminals underground where law enforcement involvement is virtually nonexistent, and the chances of being caught are minimal. Law enforcement should prepare now to create a complete end-to-end investigative solution focusing on knowledge, tools and services. Digital intelligence is key in breaking down what went wrong and preparing for the next incident, and it is imperative that all DI strategies have contingencies supported by world-class tools specifically designed for crypto.

With the growth in use and popularity of cryptocurrencies, agencies should also be working toward bringing their DI expertise in-house and recruiting savvy experts. It’s a two-part solution — agencies need both expertise and the right tools to properly respond to crypto-related incidents. These are the building blocks for a strong DI strategy. Crypto has been traced back to different crimes — from financial fraud to drug, wildlife and human trafficking — making it a fundamental part of DI investigations. And while becoming the new form of money, the technology behind cryptocurrency will help ease the investigative processes.

Addressing these new challenges requires the evolution of law enforcement tools, training and strategies built around DI and data analytics. The bottom line is that crypto is here to stay, and law enforcement agencies must take the necessary steps today to be ready for the rise in crypto crimes that is sure to become more widespread with the increasing popularity of cryptocurrencies. But crypto is just a tool for criminals, as money has always been. But it must become a tool for law enforcement agencies as well.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Leeor Ben-Peretz is the chief strategy officer at Cellebrite, where he leads strategy and corporate business development functions. He brings over 20 years of experience in the forensic, telecom and software security markets, having served in key business development and product management-related positions at industry-leading companies such as Aladdin Knowledge Systems, Pelephone Communications, Comverse and InfoGin. Leeor holds an Executive MBA degree from the Hebrew University of Jerusalem and a B.A. in business and economics from the Academic College of Tel-Aviv.