Money laundering can never be any easier due to the existence and intervention of cryptocurrency Bitcoin (Dark Wallet). In this case, money laundering refers to the concealment of backgrounds illegal money or funds that are made to appear legal or legitimate. Cybercriminals better known as hackers have developed a type of currency that is hard to track by any of the intelligence systems of government. Bitcoin has a software known as Dark Wallet that allows the buyers and sellers of the currency (Bitcoins) to transact while hiding their identity. It due to the dark web that money laundering has becomes an easier task for hackers to steal huge funds with a simple click of a mouse.
Globally, we use around 5% of the internet,that is apart from the cybercriminal, this is the only percentage that is accessible to the public. But, there exists another type of internet that is known as Dark Web. This existence of Dark Web led to the creation of Bitcoin. Bitcoin refers to electronic currency which can be used to purchase any merchandise anonymously. This kind of currency is not tied to any country, financial body or be subject to any kind of regulation. This is the key reason why it hard for government agencies to track them down. Bitcoin allows users to transact with different currencies. Despite the fact that Bitcoin is seen as beneficial due to the reduction of transaction and taxation costs the digital wallet these funds are stored can be hacked or breached by cybercriminals. Bitcoins are usually stored in form virtual money in a digital wallet that can be obtained in an iCloud or on a personal computer. The digital wallet unlike money in the bank is not insured by the Federal Deposit Insurance Corporation (FDIC). “Despite the fact that the Bitcoin transaction and payments are recorded or entered in a public log, names of buyers and sellers or in general the user’s information is never revealed – only their wallet Identification Codes are revealed”(money.cnn.com). This anonymity has attracted drug dealers and criminals to pay for their crimes electronically without being tracked by the government. Bitcoin has aided in making money laundering easy and accessible to everyone. Now that the police have been keeping tabs on Bitcoin, hackers have been developing an even more anonymous money laundering software, the Dark Wallet.
The Dark Wallet is a Bitcoin software designed to hide its user’s identity far more strongly than the protection Bitcoin offers. Through encryption and mixing together it’s clients transactions and payments, the software seeks to enable practicable and untraceable flows of funds via online which adds new fuel to the Web’s burgeoning black markets,” (www.wired.com). This extreme precaution taken to hide user’s identity may seem illegal, but it is not. The genius coders who made this software argue that the code is protected by the First Amendment rights to freedom of speech. This money laundering app might be used to aid in dangerous crimes as it conceals the identity of its users. Dark Wallet gives users the privacy they didn’t fully get from Bitcoin. Every Bitcoin payment is recorded in the blockchain, this allows any agency who cares to look trace back to the buyer’s Bitcoin address. Dark Wallet uses Coin-Join to combine a transaction of the clients at random who are making payments at the same time. The block chain is tasked to record the single movement of funds while the negotiation of that transaction is encrypted. Money launderers can transfer money with a generated stealth address. Dark Wallet has also taken precaution to make sure that when the stealth address is entered into the block-chain search tool absolutely nothing shows up.
Bitcoin Hacking Cases
The Dark Wallet makes money laundering easy and anonymous, appealing to criminals such as especially those on the Silk Road. The biggest money laundering bust of Bitcoins happened on the notorious Silk Road. 29,655 Bitcoins were seized by police after they caught Ross William Ulbricht, or ‘Dread Pirate Roberts’ for the illegal sale of drugs and hacking offenses. These 29,655 Bitcoins are worth more than $28 million, the 29 year old also had Bitcoins worth more than $130 million on his hard drive. The Silk Road since then has been shut down but it is still the only online drug marketplace where over one and half million anonymous users would use the secure Tor server to buy and sell illegal drugs. Roger Thomas Clark, or Variety Jones, was arrested in Thailand for narcotics trafficking and money laundering. Clark was the senior advisor and operator of the Silk Road. He was paid in hundreds and thousands of dollars for his work. To access the Silk Road a Tor server must be downloaded on the user’s computer. This is simple and free, then the user looks up the Silk Road in the search bar. The accessibility to thousands of narcotics which leads to money laundering is sickeningly easy. Money laundering is incredibly easy and the Silk Road did aide in countless laundering crimes. The crypto-currency of today, along with encryption software, has made money laundering easier than ever. The Dark Web led to the Bitcoin currency, the Dark Wallet, and the Silk Road.
Another particular case involved the Tokyo based Mt. Gox. In early 2014 it was revealed that hackers had been taking customers’ Bitcoins from the company for years, causing the company a loss of more than $460 million (McMillian, 2014). This incident was partially self-inflicted since the company lacked vital CyberSecurity policies. The company had no version control software, failed to utilize a test environment for software changes, and had only one approving official for any changes made to the site’s source code (McMillian, 2014).
In 2016 Bitfinex had 120,000 Bitcoins, valued at $72 million, stolen (Smith, 2016). While there haven’t been, any details released regarding how the attack was carried out successfully, this case differs from Mt. Gox due to the fact Bitfinex actually utilized proven security measures. Bitfinex had the multi-signature technology, meaning private keys for every Bitcoin were split into several copies and hid in multiple locations (Nakamura, 2016). A sign-off is needed from a majority of the copies before the Bitcoin can be moved, which requires hackers to compromise multiple systems to access the Bitcoins (Nakamura, 2016).
How Bitcoin is Hacked
Since 2009, Bitcoin (BTC) has steadily grown into a globally used digital currency. It was originally developed by Satoshi Nakamoto with the intention of the direct consumer to business transactions and no transaction fees (CNN Money, 2016). Bitcoins allow individuals to make anonymous purchases, which makes it difficult to trace any Bitcoin transaction back to the user (CNN Money, 2016). While Bitcoin has been advantageous for many users, there has been an increase in successful malicious breaches into user’s digital wallets and the online exchanges that facilitate the selling and buying of Bitcoins. This has become troublesome since, unlike banks, Bitcoins are not insured by the FDIC.
Theft is a continuing problem with Bitcoin and cryptocurrency, so it is the job of the upper management to support their employees in adversity and to take steps to fix mistakes. That was not the case with most of the companies involved in these Bitcoin breaches. While the site was offline, Mark Karpeles, CEO of Mt. Gox, took the weekend off while two volunteers worked to fix the problem. On the same period, he proceeded to ignore the problem (McMillian, 2014). Karpeles would also distract himself from the real issues by fixing servers, setting up networks, and installing gadgets (McMillian, 2014). A developer who worked at Mt. Gox stated that the software used and pushed out to exchange customers was untested and the only person that could change the site to make it better was Karpeles. He failed at leadership, distracted himself with issues lacking urgency and placed the real issues on the back burner. In short, Karpeles failed to put in the necessary time and effort to be a great leader.
Solving the Problem
As mentioned earlier, the Bitfinex hack is still unresolved. Before the hack, the exchange was handling roughly $407 million in monthly trading. While the company is still working with authorities, many of the exchange’s traders whose funds have disappeared are trying to get answers. It’s difficult to even find information on leadership within Bitfinex, let alone answers on security. The firm is said to be headquartered in Hong Kong, but does not have a head office or central office. Per a CFTC document issued after the company was fined, Bitfinex registered in the British Virgin Islands under the name BFNXA (Horwitx, 2016). The leadership of the Bitfinex exchange has failed to reach out to the traders about the hack as well as the lack of transparency about basic information. This has many believing that Bitfinex’s leaders are crooks.
Good leadership could have helped both Mt. Gox and Bitfinex. One particular example of good leadership is Silk Road 2.0 where the admin, Defcon, took full responsibility for the site being hacked and did not blame the users. “I have failed you as a leader, and am completely devastated by today’s discoveries…It is a crushing blow. I cannot find the words to express how deeply I want this movement to be safe from the very threats I just watched materialize during
my watch” (Silk Road, 2014). By admitting fault, he was able to better improve his security for the future. Bitfinex and Mt. Gox could take notes about how he handled this situation. Possessing superior leadership qualities does not necessarily mean hacks won’t happen, but it does help issues be resolved in a timely manner and gives customers reassurance in the company and product.
While the leaders of a company can make, or break the company’s ability to bounce back after a hack, CyberSecurity professionals exist to find ways to secure data within the system and to determine how to make the best use of digital security. CyberSecurity professionals must perform frequent regulatory compliance, strength and threat assessments. Bitcoin Foundation, a public face of the United States Bitcoin community, released a report stating that Bitcoin mining had a major threat within its protocol. Bitcoin mining is just another way of the discovery of new Bitcoins, just like finding gold. It simply means the verification of a Bitcoin transaction. To make sure his Bitcoins are genuine, the miners begin trying to solve a problem in order to claim the reward. The reward boosts mining and includes both the transaction fees as well the release of new Bitcoins (Kelleher, 2014). This situation could be compromised by using what is known as the 51 percent attack, where miners can boost half of the mining power on the network. Hackers can get away with spending a single Bitcoin multiple times or creating invalidated transactions conducted by others (Sankin, 2015). So, basically, a company that controls most of the mining power could be compromised to potentially spend the same Bitcoin twice. This causes issues when it comes to compliance and finances.
Compliance audits are used to determine whether or not a company has complied with the various laws and regulations required in the industry. This type of audit is especially important in the financial industry, where activities are regulated primarily by the Securities and
Exchange Commission (Lewis, 2016). Bitcoin is not described as a financial industry but rather a virtual currency. Virtual currencies are a concern for IT professionals and a potential administrator problem for the systems that may use them. Bitcoin is a digitized currency which means there is no a regulatory body or financial institution such as a central bank, simply because the framework is an open-source protocol which does not belong to any country, or union of states, such as the US or EU which makes it hard to regulate it. However, most nations want to regulate them because they want to implement consumer protection, anti-fraud and anti-money laundering measures, and data protection. Additionally, they feel like they are missing out on tax opportunities (Adshead, 2014).
Compliance and strength assessments are the same because when conducting compliance audits two things are accomplished. First, these assessments give a company its best chance to catch compliance issues and threats before they become a problem. Second, they show the federal examiners that the company is doing everything in its power to adhere to the required regulations (Carabelli, 2016). When the compliance assessment is complete the reports include suggestions and recommendations for how the company can improve their protocols and security issues. Compliance assessments could assist companies like Bitcoin in protecting their trading exchanges.
Mitigating Hacking Cases
In the six years Bitcoin, has been around, 33% of the Bitcoin trading exchanges were hacked, according to a study funded by the US Department of Homeland Security and Reuters (2016). Each transaction is publicly recorded, irreversible and anonymous which makes it really hard to trace it back to an individual. The qualities that make it so secure also make it irresistibly lucrative for hackers. Just as money needs to be safe-guarded from other people, Bitcoins need to be safe guarded against hackers. Bitcoins take on the same role as cash and credit cards, so people and organizations need to adopt secure methods to protect their funds.
Despite all of the Bitcoin breaches, there are a couple of ways cryptocurrency can be protected. First, save cryptocurrency in a wallet that is offline or in cold-storage (Wong, 2016) and only move the funds online when they need to be transferred. This is a good practice most of the cryptocurrency exchanges use to protect their funds, because it makes it really difficult for the hackers to access. Bitfinex’s $65 million heists could have been prevented if the exchange stored Bitcoins in cold storage instead of storing them online. If organizations want to keep their funds online, a second way to protect their cryptocurrency is to implement two-factor authentication. There are different forms of two-factor authentication, but the most common one companies use is where verification is required through the user’s phone before transferring any funds.
Future Hacking Prediction
There is no denying there are indeed security issues involved with Bitcoin usage. However, the Bitcoin breaches have less to do with Bitcoin itself and a lot more to do with the people and organizations handling and storing the Bitcoins. The above-mentioned measures are exactly what organizations, dealing in Bitcoins, need if they don’t want breaches to take place. As of right now the total value of the Bitcoin market is a little under $10 billion (Mike, 2016). Even though it is a very small portion of the global financial market, it has potential to be safer and a lot easier to use than traditional currencies. All these hacks have been unfortunate because people have lost a lot of money. This is a good reminder that there is still work for the industry to do, and if the Bitcoin industry continues to focus its attention on privacy and security it could revolutionize global financial markets.
Bitcoin is nakedly public yet still anonymous as it uses the user’s wallet IP address instead of the users billing address. The Dark Wallet has led to endless money laundering as it combines user’s transactions to make completely anonymous sales. When the Silk Road was taken down, police discovered the largest bust of money laundered through the currency of Bitcoins. The Dark Web is full of money laundering opportunities that can be accessed easily. Some might venture into the Deep Web and find themselves caught up in the Dark Web and it’s illegal activities. Money laundering is no longer a hard task from the past, it has caught up to the Internet and it’s fast easy access.
(2016). The risk of Bitcoin Hacks and Losses Is Very Real. Retrieved from: http://fortune.com/2016/08/29/risk-of-Bitcoin-hacking-is-real/
@. (n.d.). How the Bitfinex Heist Could Have Been Avoided. Retrieved December 05, 2016, from http://hackingdistributed.com/2016/08/03/how-bitfinex-heist-could-have-been-avoided/
Adshead, A. (2014, September). Compliance for Bitcoin, virtual currencies and storage and backup . Retrieved from Computer Weekly: http://www.computerweekly.com/podcast/Compliance-for-Bitcoin-virtual-currencies-and-storage-and-backup
Advice, B. (2016, September 2016). Increasing Threats Of Malware Put Bitcoin Bitcoin In Danger. Retrieved from Bitcoin Advice: http://Bitcoinadvice.org/2016/09/21/increasing-threats-malware-put-Bitcoin-Bitcoin-danger/
Bitcoin Thefts. (2016). Retrieved December 05, 2016, from http://satoshilabs.com/news/Bitcoin-thefts/
Carabelli, C. (2016). How to Develop an Effective Compliance Audit Process. Retrieved from Small Business: http://smallbusiness.chron.com/develop-effective-compliance-audit-process-15475.html
CNN Money. (2016). What is Bitcoin? Retrieved from http://money.cnn.com/infographic/technology/what-is-Bitcoin/
Greenberg, A. (2016). Silk Road 2.0 ‘Hack’ Blamed on Bitcoin Bug, All Funds Stolen. Retrieved from http://www.forbes.com/sites/andygreenberg/2014/02/13/silk-road-2-0-hacked-using-Bitcoin-bug-all-its-funds-stolen/#5912595b74a5
Horwitz, J. (2016). The $65 million Bitfinex hack shows that it is impossible to tell a good Bitcoin company from a bad one. Retrieved December 07, 2016, from http://qz.com/753958/the-65-million-bitfinex-hack-shows-that-it-is-impossible-to-tell-a-good-Bitcoin-company-from-a-bad-one/
Kelleher, J. (2014, April 30). What is Bitcoin Mining? . Retrieved from Investopedia: http://www.investopedia.com/articles/investing/043014/what-Bitcoin-mining.asp
Lewis, J. (2016). Operational vs. Compliance Auditing. Retrieved from Small Business: http://smallbusiness.chron.com/operational-vs-compliance-auditing-38237.html
McMillian, R. (2014, March 14). The inside story of Mt. Gox, Bitcoin’s $460 million disaster. Retrieved from https://www.wired.com/2014/03/Bitcoin-exchange/
Mike. (2016). Believing in Bitcoin. Retrieved from: https://blog.bitgo.com/believing-in-Bitcoin/
Nakamura, Y. (2016, August 17). The wretched, endless cycle of Bitcoin hacks. Retrieved from https://www.bloomberg.com/news/articles/2016-08-17/the-wretched-endless-cycle-of-Bitcoin-hacks
Smith, M. (2016, August 3). Another huge Bitcoin heist: Bitcoin worth $72 million stolen from Bitfinex. Retrieved from http://www.networkworld.com/article/3103894/security/another-huge-Bitcoin-heist-worth-72-million-when-Bitcoin-poofed-from-bitfinex.html
What is Bitcoin. (2009-2016). Retrieved from Bitcoin.org: https://Bitcoin.org/en/faq#what-is-Bitcoin
Wong, J. I. (2016). Bitcoin exchanges can’t stop getting hacked, no matter what security system they use. Retrieved from: http://qz.com/749789/Bitcoin-exchanges-cant-stop-getting-hacked-no-matter-what-security-system-they-use/