FBI's Recovery Of Colonial Pipeline Bitcoin Ransom Highlights How The 'Ban Crypto To Stop Ransomware' Cries Were Wrong Again

from the that's-not-how-it-works dept

Last month we highlighted what seemed like a fairly silly Wall Street Journal op-ed arguing that banning cryptocurrency was the best way to stop ransomware, in response (mainly) to the well-publicized ransomware attack on Colonial Pipeline, which resulted in the company shutting down the flow of oil while it sorted things out. As we pointed out, not only was the idea of banning cryptocurrency unworkable, it was unlikely to do much to stop ransomware. Unfortunately, it appears that a number of other cryptocurrency haters jumped on this moment to push the idea even further, claiming that "society has a Bitcoin problem."

Of course, part of the key narrative in all of these pieces is that cryptocurrency, and Bitcoin in particular, somehow makes it easier for criminals to "get away" with these kinds of ransom demands, highlighting that it is somewhat easier to move around large values of Bitcoin than cash. However, as we noted in our original piece, the idea that cryptocurrency allows criminals to "get away" seemed extremely overblown, as we've seen plenty of cases where criminals using cryptocurrency were caught. And, as if to put an exclamation point on all of this, soon after the huge moral panic, the FBI announced that it had recovered over half of the money Colonial Pipeline had paid.

And, as the FBI special agent's affidavit showed, this was done in part by tracking how the money flowed across the public ledger. The NY Times ran an article noting that the FBI's recovery of the money here "upends the idea that Bitcoin is untraceable." A bunch of longtime Bitcoin/cryptocurrency followers scoffed at the NY Times article, because they've long known that Bitcoin's public ledger has always made transactions traceable. But it's actually important for people not deeply in the Bitcoin space to understand this as well. And the problem with so many of the "ransomware is really a cryptocurrency problem" articles was that they implied otherwise -- that cryptocurrency was somehow totally and completely untraceable.

As the NY Times article explains, what's important here is that it demonstrates that for all the hand-wringing about cryptocurrencies and ransomware, the reality is that law enforcement is evolving with the times, and using the same kind of law enforcement detective work it's supposed to use to solve crimes.

Yet for the growing community of cryptocurrency enthusiasts and investors, the fact that federal investigators had tracked the ransom as it moved through at least 23 different electronic accounts belonging to DarkSide, the hacking collective, before accessing one account showed that law enforcement was growing along with the industry.

That’s because the same properties that make cryptocurrencies attractive to cybercriminals — the ability to transfer money instantaneously without a bank’s permission — can be leveraged by law enforcement to track and seize criminals’ funds at the speed of the internet.

That's an important point and one that often gets lost in the FUD surrounding new technologies (such as encryption) that might make law enforcement's job slightly more complex in the short run. But, at the same time, law enforcement needs to learn to adapt, not by undermining these technologies, but by understanding how they work, and understanding how to do the actual legwork to trace those abusing the technology for criminal purposes.

So rather than jumping to the conclusion that we need to ban this or that technology because it makes things slightly more challenging for law enforcement, this is actually an example showing that if law enforcement does its job properly, the technology is not the problem.


Filed Under: bitcoin, cryptocurrency, detective work, fbi, law enforcement, ransomeware, recovery
Companies: colonial pipeline


Reader Comments



  • Anonymous Coward, 16 Jun 2021 @ 2:39pm

    Under that idea, one may as well ban banks since they still launder far, far more money (within the rules, and even with all the ridiculous post-09/11 reporting) for traditional criminal concerns.

    • Anonymous Coward, 20 Jun 2021 @ 1:40am

      Re:

      Not even within the rules. The rules are just so toothless there's no reason to follow them. Stealing $1 is a crime, stealing billions is just good business.

  • Anonymous Coward, 16 Jun 2021 @ 2:49pm

    Would the folks pushing the "ban Bitcoin" wagon please pull their wagon to the side? The HSBC laundering truck wants to pass...

    • MightyMetricBatman, 16 Jun 2021 @ 3:23pm

      Re:

      The ability of the government to look into the records of private parties makes dealing with laundering by banks more difficult than an FBI that is trained to track down Bitcoin wallets, which are completely public.

  • Bloof, 16 Jun 2021 @ 3:00pm

    Ban Bitcoin to stop assholes burning the planet down to produce gambling tokens and scam grannies out of their retirement savings.

  • Glenn, 16 Jun 2021 @ 3:44pm

    No, ban every UoW-based crypto because it's destroying the climate (and crippling the GPU market).

  • Toom1275, 16 Jun 2021 @ 4:49pm

    Why omit the part where the funds were only traced because it was bitcoin, which the FBI had the needed control of? If it were monero, they'd have been out of luck.

  • Anonymous Coward, 16 Jun 2021 @ 4:56pm

    Are y'all paid in Bitcoin?

  • Pixelation, 16 Jun 2021 @ 5:53pm

    The criminals sure are loudly complaining about a crypto ban...

  • Anonymous Coward, 16 Jun 2021 @ 7:18pm

    The title of this article is not accurate. Crypto is very interesting but has a lot of challenges...and some fundamental problems. Crypto makes payment for ransomware MUCH easier to manage securely at scale with near impunity. At this point, it's impossible to "crack" the private keys (quantum could change this, but not yet). The only way this money was reclaimed was transferring to some exchange/washer/crypto-bank that was under US control/cooperation. If the thieves were smart, they could have held this safe and off-ramped somewhere in China. They only got caught because they were very sloppy. Don't expect future criminals to fall for some of the same pitfalls. Crypto provides some value, but it's largely a net negative. The permanent public record is very nice (for BitCoin not ~Monero), but it's much harder to repatriate funds than with standard banks, including HSBC. All big banks have significant KYC/AML (Know your customer, Anti-money Laundering) which they need to run for large transactions. Effectively none of that exists in Crypto. Yes bad stuff happens in traditional banking, but crypto allows criminals to operate in public with impunity. Also, PoW crypto should be outlawed for climate reasons (PoS or DPoS) should be the only way forward.

    • Scary Devil Monastery, 17 Jun 2021 @ 12:27am

      Re:

      "Yes bad stuff happens in traditional banking, but crypto allows criminals to operate in public with impunity."

      Well, yeah, but so does a crowbar, or not wearing a sandwich board at all times proclaiming your identity. It really doesn't matter that crypto also enables criminals privacy. Crypto is essentially just communication.

      "Also, PoW crypto should be outlawed for climate reasons..."

      That argument is dead from the start unless you're willing to accept the "side effect" of mandating government surveillance of all private communication. It's literal "Ministry of Truth" stuff we're talking about here.

      "Crypto provides some value, but it's largely a net negative."

      THAT is just sheer and utter bullshit. There are probably a few billion people around the world who are VERY happy they can buy stuff online and call their doctor/lawyer/client in the knowledge that not everyone inclined to snoop can overhear them. Without encryption the internet truly would be nothing but cat memes and clickbait.

      • Anonymous Coward, 17 Jun 2021 @ 5:57am

        For all of these points, I think you confused my use of Crypto with encryption. I was only referring to crypto currency, and I'll stand by my points in that respect.

        • Scary Devil Monastery, 18 Jun 2021 @ 1:34am

          Re:

          " I was only referring to crypto currency, and I'll stand by my points in that respect."

          All of my arguments also unavoidably refer to crypto currency. The reality is that "crypto currency" is nothing more than an exchange of encrypted data through a network. It's in most aspects identical to a skype/teams/zoom chat, a client-bank transaction, or a bittorrent exchange.

          So your argument remains one aimed at encrypted communication as a whole because no black magic exists to selectively ban undesired communication.

          It's about as viable as trying to say that from now on no one may use a certain set of words with the naïve hope that this will be possible while people are still allowed to speak in private.

          • Scary Devil Monastery, 18 Jun 2021 @ 1:38am

            Re: Re:

            [Addendum]

            This problem is also compounded in that normal currency is also digital and in reality as ephemeral as the various flavors of bitcoin. The difference between two sets of numbers in digital ledgers thus becomes an almost religious argument as it's an entirely faith-based discussion around which set of numbers is more "real".

            • PaulT, 18 Jun 2021 @ 2:10am

              Re: Re: Re:

              Yes, the main difference between crypto and "normal" currency in the digital age is that crypto uses a collaborative blockchain instead of a central bank to move the numbers. That has many advantages (and some disadvantages), but pretending that the only reason it exists is to avoid culpability for criminals, through this lack of central control, is a losing argument not based in reality.

              It's also worth noting that despite claims of complete anonymity, criminals can still be apprehended and the funds blocked. They've been somewhat coy over exactly how it happened, but a majority of the funds paid to the Colonial pipeline hackers has been seized by the FBI, and consensus seems to be that they're only likely to have been able to do that if they have access to property of at least some of the people involved. Crypto might well be a new and potentially difficult speedbump to law enforcement, but it's not a magic bullet that allows people to get away with things undetected. In the meantime, it's gaining perfectly legal and positive use cases across the globe that traditional banking makes difficult or impossible.

              • Scary Devil Monastery, 22 Jun 2021 @ 8:14am

                Re: Re: Re: Re:

                "Yes, the main difference between crypto and "normal" currency in the digital age is that crypto uses a collaborative blockchain instead of a central bank to move the numbers."

                And this of course is what makes bitcoin possible in the first place; It's hard to argue the disadvantages of monopoly money when the real money is also more or less monopoly money.

                This battle was lost when official currency made the leap to digital. Cryptocurrencies are, thus, here to stay for as long as sufficient numbers of people are willing to circulate them.

                • Lostinlodos, 22 Jun 2021 @ 12:31pm

                  Re: Re: Re: Re: Re:

                  “ the real money is also more or less monopoly money.”
                  This has been the case for a long time.
                  Things the early 80s nearly all financial systems lost their hard trade backing.

                  Actually understanding linking of a reserve backing to a currency today via open market platforms can be seen in digital translations. Digital gold, silver etc.
                  I think we’re past the point of pulling a standard back in though. Obviously linking a “dollar” to an ounce, or more realistically a new $2000 bill to a gold ounce, would spin the money on a wild ride!
                  We see it can be done though as people use bitcoin worldwide. And the US dollar. Neither of which have any real value.

  • Anonymous Coward, 16 Jun 2021 @ 7:48pm

    So how does the guy get his $200 million in lost bitcoin back?

    Bitcoin definitely enables crime even more than cash as it doesn't require physical storage. Then again you could just bill something as HVAC repair to accomplish the same goal.

    • PaulT, 16 Jun 2021 @ 9:36pm

      Re:

      "So how does the guy get his $200 million in lost bitcoin back?"

      Same way he'd recover his cash if he lost it - he needs to locate it and prove ownership. If he lost the key that proves he owns it, well...

      "Bitcoin definitely enables crime even more than cash as it doesn't require physical storage"

      Define "more crime". If you mean that it makes types of crime that would be difficult or impossible with cash possible, then maybe, but then so do bank transfers, stock market manipulation and securities fraud, and I don't recall people calling for stock, securities and transfers to be banned as a result.

      If you mean that more crime overall is made possible, I somehow doubt that in the long term, it will be a long time before people are paying their local drug dealers or hookers in bitcoin.

    • Scary Devil Monastery, 17 Jun 2021 @ 12:30am

      Re:

      "Bitcoin definitely enables crime even more than cash as it doesn't require physical storage."

      That's not a factor of Bitcoin, it's a factor of digitally held currency in general. The very second the ATM card was invented fiscal crimes skyrocketed - while of course physical heists dropped. On the one hand, more identity theft and money laundering. On the other hand less bank robberies and armored car heists. It's a tradeoff.

  • Anonymous Coward, 17 Jun 2021 @ 5:54am

    Bitcoin makes it a lot easier to get paid for ransomware attacks why do ransomware gangs mostly live in Russia
    Where they are out of reach of the USA criminal justice system
    The rise in the value of bitcoin seems to have coincided
    with the vast increase in the no of ransomware attacks
    with increased payouts required
    You might say there's almost a cold war going on with attacks on hospitals and infrastructure companies
    At this point ransomware hacks are catching up with
    terrorism in terms of economic costs
    I'd imagine hackers will be more careful in terms of which
    Bitcoin exchanges they use
    In terms of damage to the environment bitcoin is causing
    large energy generation costs simply to make a digital coin

    • ECA, 17 Jun 2021 @ 12:21pm

      Re:

      But AC.
      What's your opinion on Services giving direct access to things, THAT should NOT have access to the internet.
      Everyone thinks MicroStuff is the best of everything. And don't understand that SECURITY is their OWN responsibility, no matter the system they build.
      How much protection do you run? How often do YOU update and monitor your system? How do you read your email(TXT, HTML, HTML 5)? Think hard Please. HOW often do you have to do a Full reset of your computer?
      Compare all your comments to REAL life money and other things. CASH is CASH, and there is little to track it, and it don't matter what nation you take it to. You can have a Drop bank, they auto ships to another, then another, and have small amounts Picked up at each. By the end you have hit 20-30 bank transfers, and $1000 picked up at each location. Then those people get into a car and LEAVE to another country. FEW other nations are HUGE, and running across a border is 200 miles away.

  • ECA, 17 Jun 2021 @ 12:13pm

    Hmmm.

    Let's ask,
    Who don't like Bitcoin and perpetual Money?
    Who gets to control it?

    Banks LOVE us, as they get to charge us money JUST to hold our money.
    They also get to USE that money, and make even more interest WITH IT, beyond a service fee.
    Gov. hates it because it's underground money, that ISN'T taxed, Every time it's used. Which is funny as our money is supposed to be taxed 1 time.
    Rich people either love or hate it, as you can use it as a GREAT investment. If you had started at the beginning, they were giving away about 50 coins just to sign up. What would that be worth now?
    But the hard part would be selling it off to make Real cash, as you couldn't sell at full face value, take a 10-20% loss on it, but still make 100x what you paid years ago.
    But then comes the tax man.

  • Michael, 17 Jun 2021 @ 12:57pm

    It's not possible anyway

    All of this ignores the main problem: The government has no ability to "ban" pretty much anything that's open source, because it's already out there and fully decentralized.

    The US could "ban" crypto the same way they "ban" illegal torrenting, and we'd all just laugh.

  • Lostinlodos, 19 Jun 2021 @ 12:32pm

    Two problems; few solution

    The pipeline brought ransomware to the international front page. Good.
    The focus was totally corrupt!
    The major issue here is why/how does a major energy source get hacked in the first place!!?
    Was the system improperly secured or did some dunce give away the key to the front door.
    Why was there no system wide cold storage backup?
    Why was payment necessary at all?

    Cryptocurrency has nothing to do with the attack(s) other than being the payment method. Ransomware predates crypto attacks. Used to use wire transfers to shell companies or asset transfers.

    Seriously, how do we get companies to use competent security and maintain backups?

    • PaulT, 19 Jun 2021 @ 2:06pm

      Re: Two problems; few solution

      "The major issue here is why/how does a major energy source get hacked in the first place!!?"

      As far as I'm aware, it didn't. The billing / customer service side got hacked and a decision was made to shut down the energy source until they could get control of the billing. Related, but not the same thing as directly hacking the actual energy source.

      "Why was there no system wide cold storage backup?"

      My understanding of the event is that they paid upfront to get it resolved as quickly as possible, then when the fix didn't come through quickly enough they did restore their own backups anyway. So, payment of the ransom, along with the pipeline shutdown, were unnecessary, but there was a management decision that made it happen.

      • Lostinlodos, 19 Jun 2021 @ 3:47pm

        Re: Re: Two problems; few solution

        “ So, payment of the ransom, along with the pipeline shutdown, were unnecessary, but there was a management decisions that made it happen.”
        Oh, so it’s billing’s fault.
        Maybe they’ll remember that when people complain about mis-billing. Probably not.

        • PaulT, 20 Jun 2021 @ 12:06am

          Re: Re: Re: Two problems; few solution

          "Oh, so it’s billing’s fault."

          Yes, because the pipeline management system wasn't affected. If they had found a way to deal with the billing retroactively - or applied the backups they apparently had lying around anyway - supply would have been unaffected. A management decision made it so that supply had to be stopped until they got their billing sorted out.

          For someone bleating about personal responsibility elsewhere, you seem strangely determined to deflect it here.

          "Maybe they’ll remember that when people complain about mis-billing. Probably not."

          They had 2 choices - keep supply going while they restored other systems, or shut it down and have to deal with complaints about both billing and supply. They chose the latter for whatever reason.
