Anonymous Banking for Cybercriminals
Black hat hackers do what they do for a variety of reasons. Some do it for the fun of the challenge. Some to enhance their status amongst their peers. Some to deliberately cause chaos. And then there’s the majority, who do what they do to make money. But if you’re a cybercriminal, how do you get paid for what you do? After all, your anonymity is critical and every digital currency ever created – from government ones like US dollars or Euros, to PayPal to air miles or even supermarket points – are all regulated and centrally controlled. And most important, they’re all traceable.
Real cash would make sense in that it’s hard to track its physical movement. But as a hacker who wishes to remain anonymous, anything linking you back to the physical world (e.g. going to a real world meeting to receive payment in cash) is exposing your real world self to danger. Especially in a world full of cyber-criminals, gangs and maffia.
Is there an untraceable currency out there? And is it unregulated by governments? And without central control? The answer is actually, yes. And it’s called Bitcoin.
In writing my novel, Invasion of Privacy, in which an illicit website forms a key part of the plot, I needed to identify a way for my antagonist to be active online, pay to use the illicit site, but remain completely untraceable in the real world. After all, I didn’t want to make it easy for the good-guys in my book (a white hat hacker and a police detective) to track him down. It would have turned a nice complex novel into a quick short story! And so in my research I discovered Bitcoin.
Bitcoin was developed with high principles in mind. It has been designed around the idea of a new form of money that uses cryptography to control its creation and transactions, rather than relying on central authorities. “Bitcoin is a triple entry bookkeeping system where a public ledger of every Bitcoin transaction is validated and distributed in real-time through the peer-to-peer Bitcoin network. The whole network is secured and regulated through cryptography. Anyone can process transactions using computer processing power, often with specialized hardware, and potentially earn a reward in bitcoins for this service. This is often called “bitcoin mining”.” (bitcoin.org).
Because of the way Bitcoin works, traders do not need to reveal personal information to merchants. This decreases the amount of data available to identify who is transacting. Ironically, this also acts as significant protection against identity theft, credit card fraud, and several other attack vectors. Bitcoin transactions are irreversible which prevents chargebacks or frauds, and transaction traceability means it is impossible to counterfeit bit coins.
Minimal effort is required to maintain anonymity with Bitcoin. All Bitcoin transactions are stored publicly and permanently on the network, which means anyone can see the balance and transactions of any Bitcoin address. However, the identity of the owner cannot be associated with their Bitcoin address until personal information is revealed by the owner during an exchange. This is why Bitcoin owners are recommended to use many different Bitcoin addresses, ideally a new one each time they receive money. And they are also recommended to hide their computer’s IP address using tools like Tor so that it cannot be logged.
The Bitcoin network has been running continuously for more than two years and now transacts millions of USD in daily trade volume distributed across 50,000 transactions. As of April 2013, the total value of all bitcoins in circulation is over US$1.3 billion.
Bitcoin lowers barriers for cross-border trading on the internet by enabling anyone in any country to transact at will, without requiring permission from a government, a PayPal or a Visa. As reported extensively in the press, there has been a massive rise of cyber-criminal activity from Eastern Block countries, China and even countries with very limited or controlled currencies. In some countries, Bitcoin is the only effective system for a trusted means of payment.
WordPress themselves (the company that I use as the platform for this blog site) supports Bitcoin payments for good reason. Says WordPress, “PayPal alone blocks access from over 60 countries, and many credit card companies have similar restrictions … Whatever the reason, we don’t think an individual blogger from Haiti, Ethiopia, or Kenya should have diminished access to the blogosphere because of payment issues they can’t control. Our goal is to enable people, not block them.”
And so, it seems there is a direct correlation between the massive rise in global cyber-criminal activity and the growing liquidity of Bitcoin as a means of payment. Although not the only reasons for their explosive growth, each is surely feeding the other.
- How to Explain Bitcoin to a 7-Year-Old (Blog: Tony Diepenbrock IV)
- FBI concerned about Bitcoin usage among cybercriminals (threatpost)
- Hackers are trying to create an untraceable and comprehensive financial system using bitcoin (qz.com)
- What’s a Bitcoin and why would you want one? (windowssecrets.com)
- Bitcoin, a currency and payments opportunity for Zimbabweans? (techzim.co.zw)
@GuilDiego How about this FBI report? Examples in it are Zeus botnet and Lulzsec members accepting bitcoin payments. http://t.co/O7gqmJcyuT
— Ian Sutherland (@iansuth) May 26, 2013