Cryptocurrency-Terrorism Nexus: A Threat Analysis

Abstract- Money makes the world go round. It is an essential part of life that is required for virtually everything, even for terrorist organizations. The survival of a terrorist organization is directly linked to the availability of funds. Some organizations are self-funded by the members or legitimate businesses, some rely on charitable donation or diaspora support while some have state funding. Immaterial to the source, all organizations need to carry out financial transactions using some form of currency to support their organizational aims. The landscape of currency has evolved over the past from commodity to fiat and now virtual currency. Given the advancements and a greater number of options available to the terrorist organizations, this paper analyses the plausible threat posed by the so-called ‘anonymity’ promised by various cryptocurrencies. An untraceable trail of money is an ideal vehicle for terrorist funding and poses a serious challenge to the Global War on Terrorism (GWOT). The current use of cryptocurrencies by terrorists, myths and realities and the impact of future trends and regulations are presented in this paper.

Keywords: Terrorist funding, cryptocurrency, the blockchain

Introduction

Money laundering as a vehicle for funding terrorism is a complex mechanism involving multiple players. The prime goal in the aspect of money laundering is to evade the authorities’ attention and to protect the identity of their supporters and beneficiaries. In contrast to the money laundering from criminal activities like the drug trade, weapons smuggling, fraud, kidnapping, extortions and theft, terrorist financing is generally in smaller amounts. The detection and tracking of these funds are more difficult (FINTRAC, 2018 [1]). The formal banking system, informal value transfer systems, and Hawalas and Hundis are the oldest forms of moving the funds. Some organizations also resort to physical transportation of valuables like gold and cash. In the case of the cryptocurrencies, fiat currency is used to exchange the cryptocurrency and then the transactions are performed anonymously.

The first challenge in tracking terrorist financing lies in linking the funds to terrorist activities for which the beneficiary is required to be identified and the next challenge is to identify the supporter. The trail of transfers between the supporter and the beneficiary can be very complex and are often misleading. In this scenario, a mode of transfer promising anonymity is bound to gather attention. Cryptocurrency is one such mode that offers the anonymity of the transactions. The blockchain is the underlying software technology that runs the cryptocurrency platform. This paper brings out the nuances of blockchain technology and its potential application in terrorism funding.

Blockchain Technology and Cryptocurrencies

In order to understand the implications of cryptocurrency’s use for the financing of terrorist activities, one must first understand the technology. Blockchain has been touted to be the fifth evolution in computing that adds the missing trust layer to the internet. It is based on distributed network architecture that is secured using cryptography (Laurence, 2017 [2]). Each transaction is a highly encrypted block added consecutively to the previous chain of transactions and available across the network. The genesis block is the first block of the chain and it is manually created by a developer setting a framework of rules while the later transactions are created automatically (Davis, 2011 [3]). It allows for an open, constant and shared-ledger that records transactions and tracking of assets without the possibility of any alteration. Blockchain technology resolves the trust, security and privacy issues at the same time the cost and time factors are minimal as there are no intermediaries involved and is completely automated (Singhal, Dhameja, 2018 [4]). There are various applications of blockchain technology, cryptocurrency being the first one to be commercialized. Cryptocurrency is a means of payment which is used for the exchange of money, goods or services. It is not a legal tender and is not backed by the government. Bitcoin is the first cryptocurrency that is built on the blockchain technique and currently, there are 2090 known cryptocurrencies while many others exist in the ‘Dark Web’ as well. The key players involved are the cryptocurrency exchange and wallet. The cryptocurrency exchanges accept fiat or virtual money (government-backed) and allow trading of cryptocurrencies much like any stock exchange around the world. The exchanges may or may not be regulated depending on the country of origin. This means that unregulated exchange has no obligation to know their customer and fake accounts can be created to send and receive money. To get an idea of the business, various cryptocurrency exchanges trade at a market volume of 88 Billion Dollars daily.

Cryptocurrency is just a string of code that is limited in quantity. The code once allocated to a wallet address belongs to the holder of the wallet. The wallet address is a multiple-stage cryptographic scheme and hence the identity of the owner of the wallet is impossible to be derived. For example, bitcoin has a three-stage scheme starting from the private key belonging to the holder(s). A public key is derived from the private key from which the wallet key is derived using the one-way hash functions. One-way hash functions are the basis of all modern cryptography and are impossible to crack. Going backward in the scheme is intractable and this makes the owner anonymous (Figure 1). The unregulated wallet service providers and exchanges are not aware who is controlling the wallet and only the private key holder can control the currencies associated with the wallet.

Figure 1: One-way hash function for Bitcoin’s three-stage scheme

Once a currency is sent to a wallet address a block is added to the ledger chain registering the transaction. Hence only the trace of currency transactions is visible in the blockchain along with the wallet address but not the identity of the perpetrators in case of unregulated exchanges and wallets.

(a)

(b)

Figure 2: (a)Virtual money transfer steps (Ripple, 2014 [5]) (b) Bitcoin transfer steps (?en and Akarslan, 2018 [6])

The task of verifying the transaction and registering it is termed as mining as the person who performs it benefits from it by receiving a fixed amount of cryptocurrency. The whole process occurs within a few minutes and is not cost-prohibitive unlike a classical international money transfer through banks (Figure 2).

Apart from Bitcoin which is a public entity with no administrator, there are private cryptocurrencies like Monero, Dash and Zcash, These currencies allow more anonymity via ring signatures, ring confidential transactions, and stealth addresses to obfuscate the origins, amounts, and destinations of all transactions (M.Ziegler, 2018 [7]).

In the recent past another player has gain popularity in terms of anonymity; Dark Wallet. It implements coin mixing (tumbler) wherein the users’ transaction is mixed with that of a random user who is making a transaction at the same time. In theory, if a user is transacting in anonymous coins like Monero using unregulated Dark Wallet and unregulated exchanges, tracing the transactions from the ledger would prove to be difficult if not impossible.

Use of Cryptocurrencies by Terrorist Organizations in the Past

The cryptocurrency was envisaged as an innovative technology capable of decentralizing the financial system. However, due to the lack of regulations and control mechanism all over the world, its utilization is appealing for money launders and criminals. For quite some time now bitcoin is the favorite means of exchange for illegal goods, services, weapons, and drugs. Such activities are anonymously carried out using the TOR browser and the services are available through the online marketplaces like the Silk Road, Silk Road 2.0, Agora, and AlphaBay hosted on the Dark Web. The dark web comprises of websites hosted on illegal servers with a .onion suffix. TOR browser provides anonymity to the surfer and the dark web provides anonymity to the illegal service providers.

Cryptocurrencies present an opportunity to terrorist groups allowing them to anonymously move funds across the borders. The Islamic State (IS) benefited from the cryptocurrencies in 2014-2017 in form of receiving donations from supporters across the world. IS sympathizers initiated mass cryptocurrency donation campaigns on IS-affiliated websites as early as 2014. Detailed explanations of donations in the form of Bitcoin and more anonymous privacy coins like Zcash and Monero were provided on chat environments like Telegram. Later in 2017 during the downfall of IS, pro-IS websites Akhbar al-Muslimin, Dawaalhaq Islamic News Agency and Isdarat asked for cryptocurrency donations (EUROPOL, 2018 [8]). The website provided wallet addresses where the money could be transferred. Despite the potential none of the attacks conducted in Europe were funded by cryptocurrencies (Goldman, Maruyama, 2017 [9]).

In December 2017, a US citizen was arrested in New York for obtaining $62,000 in cryptocurrencies to send to IS. The individual used false information to acquire a loan and multiple credit cards. The collected amount was converted to cryptocurrencies and was sent to IS via Pakistan, China, and Turkey. A list of similar episodes is presented in Figure 3.

Figure 3: Selected episodes of terrorists’ use of cryptocurrencies, recreated from Goldman, Maruyama, (2017) [9]

It can be observed that the use of cryptocurrencies by terrorist groups is at the moment episodic and not rampant. Only a small amount of funds is involved in these incidents.

Cryptocurrency Properties: Myths and Realities

Anonymity

Although cryptocurrencies claim that the identity of the user is masked, this is somewhat misleading. The blockchain technology is just one side of the equation for complete anonymity. Scholars have shown that by examining the blockchain activity closely one can spot the accounts that appear to belong to the same wallet address and thus controlled by the same entity. The process is known as clustering (Heaven, 2018 [10]). Once the multiple accounts have been linked to the same owner the remaining task is to identify the holder. In the landscape of terrorist financing through donations, the groups are required to advertise their wallet address to accept the donation. This links the identity of the wallet holder to nefarious activities. Regulated cryptocurrency exchanges must follow the Know-Your-Customer (KYC) and Anti-Money-Laundering (AML) rules which require the investor to deposit their identification for the services. These exchanges can provide the identity of the wallet holder. Some people post their wallet addresses on online social forums and can be identified. Chainalysis and Elliptic are two investigative companies that use machine learning applications to decipher the identity of suspected wallet addresses (Heaven, 2018 [10]).

There are many threats to the anonymity of cryptocurrency users like temporal data, off-network information, internet protocol (IP) address data, and other side channels (Reid and Harrigan, 2012 [11]). These threats can be reduced using tumblers like dark wallet and obfuscating the IP using the TOR browser. However, these technologies have subtle flaws and the users would ever know when they have been deanonymized and detected (Biryukov and Pustogarv, 20 [12]).

Cryptocurrencies developed in the recent past like Monero and Dark Coin (now Dash) that offer better anonymity by obfuscating transactions are a peculiar challenge to the regulatory authorities. These coins employ a variety of methods like rung signatures that makes it difficult to associate the transaction with the user. In short, their ledgers are not public. Monero in specific also incorporates IP masking to boost the anonymity of the user. Although these techniques are potent, none of these currencies have been adopted widely and the market share remains less compared to the more public Bitcoin and Ethereum. The use of anonymous currencies by terrorist organizations may pose a threat in the future only with their widespread adoption. It also entails that the members of the terrorist organizations are required to be more technically adept (Schwarz, Manheim, 2019 [13]).

Usability

Using cryptocurrency safely and with anonymity is a highly technical skill and requires thorough knowledge (Lanxon and Satariano, 2017 [14]). This fact was important a few years back, however, today in general users are technically adept and developers are also improving the usability of cryptocurrency. There are several open-sourced resources available that provide the guidelines for maintaining anonymity while using cryptocurrencies. On the other hand, the use of techniques to achieve anonymity will raise a red flag for the regulating bodies separating out the culprit for nefarious activities.

Security

Cryptocurrencies have many vulnerabilities that the fiat currencies do not have. As they are completely electronic modes of currency, they are susceptible to cyber-attacks. In past exchanges have been compromised that were insider-driven and external-led (Schwarz, Manheim, 2019 [13]). Such events have not happened in the traditional banking system so far and even if likely to happen will not result in losses for the depositors.

Decentralized wallets were created to reduce the threat from such hackers. These wallets of all forms (software, hardware, and paper) are susceptible to simple theft and hacking. There is also the possibility of protocol-level attacks wherein the flaw in software or the network can be exploited. These vulnerabilities are directly related to the usability and demand technological sophistication. It is not clear if these vulnerabilities will decrease or further increase in the future. Nonetheless, the use of cryptocurrencies in this context is unlikely.

Acceptance

The acceptance of cryptocurrencies is an important factor in terms of its use as a vehicle for terrorist activities. Terrorist groups operate in regions where the exchange of cryptocurrencies is difficult. There is a large network of Bitcoin-accepting ATMs in Europe however, there are only a few in the Middle East. Even if the terrorist groups successfully receive the funds anonymously, the use of these funds remains restricted. Exchange of these funds into local fiat currency would be difficult and merely the dark web purchase options are available. In case the consumer base increases in the future leading to the widespread use of cryptocurrency, it will make use by terrorist groups plausible. This would be possible assuming that the technical infrastructure at remote regions is available to the terrorist groups.

Reliability

Like any other stock exchange, cryptocurrencies are also unstable and subject to reliability. The blockchain technology and decentralized system were envisaged as a breakthrough, leading to a mass diaspora of funds to be a part of something promising. Although cryptocurrencies just a piece of code, its value has grown over a period and is subject to instability. There have been instances of many currencies that were launched and then later shut down because of neglect, scams or attacks. Bitcoin has been the most stable so far. The problem is less severe for the trader and short-term risks are minimal. In the case of the terrorist group, this is a sizable risk and may not be attractive.

Volume

The volumes of a transaction using cryptocurrencies is also a limitation for the terrorist organizations. The volumes that can be safely and economically transferred via cryptocurrency route may not meet the requirements of a terrorist group. Additionally, a spike in the volume of the transactions of a currency is likely to raise a red flag for the law enforcement agencies.

Possible Use of Cryptocurrencies by Terrorist Groups

The terrorist activities that involve funds are: (a) Fundraising (b) Illegal activities and arms trafficking (c) Funding attacks (d) Day to day operations (e) Remittance and transfer.

The anonymity of both sender and beneficiary is important and vulnerabilities of cryptocurrencies will dissuade the use in all activities above except for day to day operations. Day to day activities is mostly legal involving food, communications, and supplies (Schwarz, Manheim, 2019 [13]).

Usability is important for fundraising only as the donors are not expected to be technologically adept. Other activities are likely to be handled by technically qualified members of the terrorist groups.

Security is important for all the activities as any security breach would lead to loss of funds.

Acceptance is important for funding attacks and day to day operations. A cryptocurrency that is not acceptable for exchange in the region of operations or where the attack is planned will not serve the purpose.

Reliability is important for all the activities. Any cryptocurrency that is not likely to be existing in the future may not be attractive for the terrorist groups.

Apart from Remittance & transfer and day to day operations, other activities do not require a high volume of funds and hence cryptocurrencies might be used for these activities. The assessment is summarized below (Schwarz, Manheim, 2019 [13]):

From the above assessment, no cryptocurrency currently can serve all the needs of a terrorist group. Albeit, fundraising is an appropriate activity for the potential use of cryptocurrency with usability as the only most important criteria. This correlated well with the recent episodes of fundraising using cryptocurrency (Schwarz, Manheim, 2019 [13]).

In general, cryptocurrencies in its current form is not suited for terrorist funding. This does not preclude the possibility of its future use given that many players are improving the properties of cryptocurrencies discussed above. It still poses a credible threat.

Regulation of Cryptocurrency and its Impact

Banning the cryptocurrency stifles innovation. Hence many countries have allowed the legal companies to contribute towards the innovation. This also raises concerns for use of this technology by criminals and terrorist organizations. Law enforcement in the cryptocurrency domain hence becomes equally important. Currency exchanges in most democratic countries are regulated and the AML and KYC rules are enforced. This allows for identifying any wallet key and tracking the funds in the cryptocurrency form. The following regulations are proposed to maintain a balance between counter-terrorism financing (CTF) and innovation:

1.    Studies for a better understanding of technology and how it can improve the traditional financial services.

2.    Offer incentives and protection for private initiatives to halt terrorist financing.

3.    Establish a global KYC registry system through blockchain technology.

4.    Expand the geographic range of financial technology licensing.

5.    Higher risk appetite for the AML program in order to promulgate innovation.

6.    Encourage an increased level of cooperation, knowledge sharing and skills sharing between intelligence agencies.

7.    Maintain vigilance with regard to the evolution of new virtual currencies controlled by terrorist groups.

The unregulated exchanges BTC-e are the critical enabler for de-anonymization and tracking of funds. This involves coordination between intelligence agencies across the world. In the cybersecurity realm, the intelligence agencies have a complex relationship as they both cooperate and compete at any given time. In the past, intelligence agencies have successfully coordinated to bring down marketplaces like Silk Route on the dark web.

It is amply clear that cryptocurrency offer reduced the opportunity for use when brought into the regulated financial markets. The regulations enforce transacting only with identity, hence harming the trust factor. Therefore, regulations are a cause of concern for the developers and backers of cryptocurrency who foresee it as a solution to traditional financial institutions and state control. In this conflict between the state regulators and the supporter of cryptocurrency, the state is currently enforcing the rules. However, the regulation remains limited to certain countries and leaves gaps that are being exploited by criminals via illegal activities. (Schwarz, Manheim, 2019 [13]).

Conclusions

A new form of currency came into existence in the late 2000s. These currencies are not issued or backed by sovereign governments in the world. They are shortcodes existing in a blockchain ledger that may or may not be public. In essence, it is a peer to peer transaction with no intermediaries and transfers are cost-effective and fast. The currencies offer anonymity and trust which was taken a breakthrough. Although innovative, these features attracted criminals and terrorist groups as well. These perpetrators seek to move funds across borders quickly and at low cost without being noticed by the financial agencies. The cryptocurrency was initially not well understood by the regulatory agencies and hence soon became the mode of payment across the illegal domain like the dark web and terrorist fundraising. Drugs, illegal goods, and services were purchased anonymously using these currencies until the regulatory agencies realized the threat and acted. Nevertheless, the rapid growth of these currencies has posed a challenge to the governments and some have chosen to ban the currencies. The others are trying to regulate them in order to foster innovation and a plausible change in the traditional financial system.

Even after regulations and integral limitations of the cryptocurrency, they continue to be the vehicle of illegal money laundering, marketplaces, and criminal activities. Cryptocurrency will remain to be a challenge to every government unless a means to transfer money across borders with trust, speed, and low cost is promised. Ignoring the technology completely would facilitate the criminals and partial decentralization of the economy.

Furthermore, research has shown that in case a single cryptocurrency comes to exist that has widespread adoption, complete anonymity, high security and is subject to inconsistent regulation, then its use by terrorist groups will certainly increase. In the absence of such currency, the use of cryptocurrency as a vehicle of terrorist funds will be limited to lower volumes and possibly fundraising only.

References

1.      FINTRAC 2018. Terrorist Financing. Available from: https://www.fintrac-canafe.gc.ca/fintrac-canafe/definitions/terrorist-terroriste-eng.asp.

2.      T. Laurence, Blockchain for Dummies. 2017: John Wiley & Sons Inc.

3.      J. Davis 2011. The Crypto-Currency. Available from: https://www.newyorker.com/magazine/2011/10/10/the-crypto-currency.

4.      B. Singhal, G. Dhameja, and P. S. Panda, Beginning Blockchain. 2018: Apress.

5.      Ripple (2014). The Ripple Protocol: A Deep Dive for Finance Professionals. Journal, Available from: https://www.pdf-archive.com/2018/03/05/ripple-protocol-deep-dive-for-financial-professionals/ripple-protocol-deep-dive-for-financial-professionals.pdf.

6.      Osman ?en and Hüseyin Akarslan (2018). Use of Blockchain Technology in the Financing of DAESH. International Journal of Information Security Science, 7(4): p. 185-197.

7.      Steven M.Ziegler (2018). Innovative Legislation is Necessary to Address Terrorist & Criminal Use of Cryptocurrency. SSRN.

8.      EUROPOL (2018). Internet Organized Crime Threat Assessment. Available from: https://www.europol.europa.eu/sites/default/files/documents/iocta_2018_0.pdf.

9.      Z. K. Goldman, et al. (2017). Terrorist Use of Virtual Currencies. Energy, Economics & Security.

10.    Douglas Heaven 2018. Sitting with the Cyber-sleuths who Track Cryptocurrency Criminals. Available from: https://www.technologyreview.com/s/610807/sitting-with-the-cyber-sleuths-who-track-cryptocurrency-criminals/.

11.    Fergal Reid and Martin Harrigan (2012). An Analysis of Anonimity in the Bitcoin System. Physics and Society.

12.    Alex Biryukov and Ivan Pustogarv, Bitcoin over TOR is not a Good Idea, in Security and Privacy. 20, Institute of Electrical and Electronics Engineers: San Jose.

13.    Cynthia Dion Schwarz, David Manheim, and Patrick B Johnston (2019). Terrorist Use of Cryptocurrencies: Technical and Organizational Barriers and Future Threats. RAND.

14.    Nate Lanxon and Adam Satariano (2017). Hardly Anyone is Paying the Hackers? Because Using Bitcoin is Hard. Journal, Available from: https://www.bloomberg.com/news/articles/2017-05-15/hardly-anyone-paying-the-hackers-because-using-bitcoin-is-hard.