Illicit Bitcoin transactions: challenges in getting to the who, what, when and where

Pages: 297-313
Published date: 02 July 2018
Date: 02 July 2018
DOI: https://doi.org/10.1108/JMLC-07-2017-0031
Author: Angela S.M. Irwin, Adam B. Turner
Subject Matter: Accounting & Finance, Financial risk/company failure, Financial compliance/regulation, Financial crime
Angela S.M. Irwin and Adam B. Turner
Macquarie University, Sydney, Australia
Abstract
Purpose: The purpose of this paper is to highlight the intelligence and investigatory challenges experienced
by law enforcement agencies in discovering the identity of illicit Bitcoin users and the transactions that they
perform. This paper proposes solutions to assist law enforcement agencies in piecing together the disparate and
complex technical, behavioural and criminological elements that make up cybercriminal offending.
Design/methodology/approach: A literature review was conducted to highlight the main law
enforcement challenges and discussions and examine current discourse in the areas of anonymity and
attribution. The paper also looked at other research and projects that aim to identify illicit transactions
involving cryptocurrencies and the darknet.
Findings: An optimal solution would be one which has a predictive capability and a machine learning
architecture which automatically collects and analyses data from the Bitcoin blockchain and other external
data sources and applies search criteria matching, indexing and clustering to identify suspicious behaviours.
The implementation of a machine learning architecture would help improve results over time and would be
less manpower intensive. Cyber investigators would also receive intelligence in a format and language that
they understand and it would allow for intelligence-led and predictive policing rather than reactive policing.
The optimal solution would be one which allows for intelligence-led, predictive policing and enables and
encourages information sharing between multiple stakeholders from the law enforcement, financial
intelligence units, cyber security organisations and fintech industry. This would enable the creation of red
flags and behaviour models and the provision of up-to-date intelligence on the threat landscape to form a
viable intelligence product for law enforcement agencies so that they can more easily get to the who, what,
when and where.
Originality/value: The development of a functional software architecture that, in theory, could be used to
detect suspicious illicit transactions on the Bitcoin network.
Keywords: Heuristics, Law enforcement, Anonymity, Bitcoin blockchain, Illicit transactions,
Red flag indicators
Paper type: Research paper
1. Introduction
Cybercurrency is an internet-based store of value, which is used and created for much the
same purpose as physical currency. However, cybercurrency has no physical representation
in reality; it is created, stored and transacted electronically. Cybercurrency transfers are
instantaneous and borderless and many have been designed so that users can transact in
relative anonymity. These elements of their functionality not only present exciting
opportunities for financial technology (fintech) innovation but also create a myriad of
challenges for financial sector regulators and law enforcement agencies.
Cybercurrencies, such as Bitcoin, have been linked to the online drug industry (Martin,
2014), money laundering (ML) and terrorism financing (TF) (Irwin and Milad, 2016; Pflaum and
Hateley, 2014). Cryptocurrencies have been linked to cybercriminal activity on online dark
marketplaces such as Silk Road 3, Alphabay and Valhalla. For example, these platforms allow
consumers to purchase cybercrime-as-a-service, hacking tools, malware, stolen credit card
details and compromised usernames and password combinations using Bitcoins.
Cryptocurrencies have also been involved in the facilitation of global ransomware attacks. In
May 2017, a ransomware attack known as WannaCry spread very quickly across the globe.
WannaCry, hailed as "the biggest ransomware outbreak in history" (F-Secure, 2017), affected
more than 300,000 computers in 150 countries in a matter of hours. This attack was particularly
damaging because it was not just a ransomware program but a worm, which looked for other
computers and systems to infect. WannaCry encrypted all files on the systems that it infected,
making them unavailable to the victim until a minimum of $300 in Bitcoin was paid to the
perpetrator(s)[1]. Three hardcoded Bitcoin addresses/wallets were used to receive the
ransomware payments. As of 20th June 2017, a total of 335 payments, totalling 51.91182371
Bitcoin or US$144,010.54, had been transferred into the three Bitcoin wallets (Twitter, 2017). In
June 2017, a major global wiper malware attack named "Petya" or "Not Petya" was released.
Although Petya was originally reported as a ransomware attack (The Sydney Morning
Herald), it was later reclassified as a destructive malware that was designed to irrecoverably
wipe the content of the computer. The Petya malware started in Europe, very quickly spread to
the USA and then started to affect systems in Australasia. Again, the perpetrators of this
attack requested US$300 to be paid in Bitcoins but they had no intention of restoring targeted
devices to a working state (The Hacker News, 2017).

Journal of Money Laundering Control, Vol. 21 No. 3, 2018, pp. 297-313. © Emerald Publishing Limited, 1368-5201. DOI 10.1108/JMLC-07-2017-0031.
The current issue and full text archive of this journal is available on Emerald Insight at:
www.emeraldinsight.com/1368-5201.htm

The growth in ransomware attacks is not unexpected. What is unexpected is the speed at
which recent ransomware attacks have spread. In 2016, the US Department of Justice reported
that ransomware attacks spiked in 2015, averaging 4,000 per day, due, in part, to the growing use
of Bitcoin for the collection of ransoms (Vigna and Rudegeair, 2017). Recent attacks have eclipsed
this figure in a few short hours. Although typical ransomware payments range from $US500 to
$US1,000, some hackers have demanded as much as US$30,000 to decrypt data (Vigna and
Rudegeair, 2017).
In 2012, the FBI expressed concerns about the difficulty of tracking the identity of
anonymous Bitcoin users and remonstrated how law enforcement agencies experienced
difficulty identifying suspicious users and obtaining records for Bitcoin transactions.
Unfortunately, these difficulties and challenges persist today.
Although much of what we hear about cybercurrencies, such as Bitcoin, is negative,
cryptocurrencies, and blockchain technology, upon which Bitcoin is based, have many significant
benefits which can positively impact the financial quality of life of people in developing and
developed nations. For example, they enable the two billion "unbanked" or "underbanked" people
across the world, living without traditional financial instruments and services, to operate a
cybercurrency account using their mobile phone. A further, and perhaps more significant, benefit
of cryptocurrencies is their capacity to revolutionise the remittance industry by reducing the
often-excessive transaction fees charged by other financial service and remittance providers.
Bitcoin's promise as a financial technology platform has increasingly garnered the interest
of government and private sector leaders alike, especially the Australian Stock Exchange, as a
more efficient means of post-trade settlement, and the banking industry, who have expressed
an interest in trialling blockchain-enabled trading. In total, 40 of the world's largest banks have
tested a system that uses blockchain technology to trade bonds (Laughlin, 2016).
On 21 March 2016, the Australian government released a statement on its top priorities
for the country's fintech future (Australian Government, The Treasury, 2016a). In doing so,
it expressed its clear intention to become a global leader in emerging financial services
technology. Treasurer, Scott Morrison, indicated the government's keen interest in exploring
the applicability and utility of Bitcoin's distributed ledger technology to mainstream
financial service providers, particularly as it relates to international money transfers and