On Feb. 11, Future Tense—a partnership of Slate, the New America Foundation, and Arizona State University—will host an event on cryptocurrencies at the New America office in Washington, D.C.
“Bitcoin Can Now Buy You Breakfast in Glasgow,” reads a typical recent headline about the increasingly popular cryptocurrency. As media attention has shifted from Bitcoin’s meteoric rise in value to the question of its long-term viability, headlines have cropped up touting how you can now use your Bitcoins to pay for everything from college degrees and space travel to Lamborghinis and houses.
Just as legitimate consumers and companies are exploring and adopting new uses for cryptocurrencies, so, too, are criminals. As awareness about the currency has spread and its popularity has increased, Bitcoins have played a prominent role in several cybercrime stories, including the high-profile shutdown of the drug marketplace Silk Road, on which all transactions were conducted using Bitcoins, as well as the spread of the ransomware CryptoLocker, which held victims’ hard drives hostage unless they made payments in Bitcoins. Then there was the phishing scheme aimed at stealing recipients’ Bitcoins. And the Bitcoin charity donation of 180 BTC (then worth about $2,600, now worth $150,000, according to Forbes) that coincided with raids of cryptocurrency exchanges.
These aren’t new problems, by any means. All of these crimes—extortion, theft, and selling illegal drugs—predate Bitcoins. For that matter, all of them predate the Internet. But just as the rise of the Internet changed the scale and nature of certain types of crime, the rise of cryptocurrencies like Bitcoin has the potential to alter the ways that some familiar crimes are conducted online and how they may or may not be stopped. Since we’re still struggling to get a handle on how to deal with online crimes that involve standard currencies, there’s a good chance that it will take some time still to figure out all the necessary tools and stakeholders for detecting, investigating, and preventing cryptocurrency-based crime.
Despite some claims to the contrary, cryptocurrencies are by no means just for criminals. You might choose to use Bitcoins because you don’t want some purchases linked to your main bank accounts (like, say, a breakfast in Glasgow with someone other than your spouse, or an embarrassing sex toy, or a lifetime subscription to the Justin Bieber fan club), or because you don’t trust some merchants to protect your credit card data. And those merchants might, in turn, choose to accept Bitcoin payments to avoid paying card processing fees and chargebacks.
Nor are Bitcoins the unmarked bills of the digital era. As many people have pointed out, Bitcoin itself does not necessarily protect users’ anonymity since the public records of all Bitcoin transactions can potentially be used to piece together spender’s identities. That’s why some are attempting to develop other, more anonymous cryptocurrencies.
Bitcoins can, however, help criminals circumvent some of the defensive measures that we currently rely on to protect against financial crime. An April 2012 report by the FBI titled “Bitcoin Virtual Currency: Unique Features Present Distinct Challenges for Deterring Illicit Activity” highlights some of the ways that Bitcoin, in particular, might upend existing cybercrime-fighting efforts.
“If Bitcoin stabilizes and grows in popularity, it will become an increasingly useful tool for various illegal activities beyond the cyber realm,” the report predicts, explaining: “Since Bitcoin does not have a centralized authority, law enforcement faces difficulties detecting suspicious activity, identifying users, and obtaining transaction records—problems that might attract malicious actors to Bitcoin. Bitcoin might also logically attract money launderers and other criminals who avoid traditional financial systems by using the Internet to conduct global monetary transfers.”
At the heart of the FBI’s concerns is that Bitcoin has no “centralized authority,” a body equivalent to the banks and payment processors that play such a crucial role in monitoring for and protecting against online financial crime. It is the credit card companies that are often responsible for detecting major data breaches—like those reported in recent months to have targeted Target, Neiman Marcus, Michaels, and prominent hotel chains—and notifying the affected companies. By tracking patterns across fraud reports from customers, these payment processors can uncover breaches long before the victims themselves.
And these financial institutions do much more than just detect major breaches. In December, following the disclosure of the Target breach, JPMorgan Chase & Co. announced that it would limit customers who had used their debit cards at Target stores to $100 in cash withdrawals and $300 in purchases per day, essentially devaluing the stolen card information for the thieves. The Payment Card Industry Security Standards Council, formed in 2006 by a coalition of major credit card companies, even publishes a list of security requirements for businesses to help them protect sensitive credit card data.
In some sense, these centralized financial authorities—companies like JPMorgan Chase, Bank of America, Visa, MasterCard, and others—are at the heart of security measures defending against every stage of online financial crime. They dictate the preventive measures businesses should take, detect the breaches that occur when those measures fail, and try to stem the cash flow to the successful criminals.
Sources: http://www.coinsetter.com/bitcoin-exchange http://slate.me/N4sA1o