Bitcoin, a digital currency or a form of cryptocurrency, is an example of the disconnect between online practice and legislation. Bitcoin is unregulated and there is no national regulatory body accountable for its protection in several countries. Bitcoin is a decentralised and Peer-to-Peer (P2P) network-based virtual currency that is traded online and exchanged into US dollars or other currencies. This makes it possible for illicit money transfers and manipulation through the use of malware and botnets.

At a recently concluded annual European Security Conference, the head of Europol (European Police) warned against the “completely unregulated” online financial market saying that crime involving digital currencies such as “Bitcoin” is only a taste of things to come. The unregulated nature of Bitcoins provides opportunities for criminals to transfer, launder and steal funds. Since Bitcoins do not have a centralised authority to detect suspicious activity, identify users, obtain transaction records, this is a huge problem for law enforcement. Hence, cybercriminals use electronic payment systems and digital currencies in furtherance of their criminal objectives.

Extortion group
In recent times, a group called DD4BC has been responsible for a large number of Bitcoin extortion campaigns. This group expanded its extortion and Distributed Denial of Service (DDoS) campaigns to target a wider range of business sectors globally, including financial services, media and entertainment, online gaming and retailers. This group uses emails to inform its target that a low-level DDoS attack will be launched against the victim’s website. The attacks increased from low-level to more than 20 Gbps in some cases. The group would then demand a Bitcoin ransom to protect the company from a larger DDoS attack designed to make its website inaccessible.

Their ransom demands ranged from between 1 and 100 Bitcoins, depending on the perceived financial standing of the victim and their willingness to comply with the attacker’s instructions. To increase the credibility of their claim, the group often launched a small attack against the victim’s infrastructure first. Companies that pay the ransom risk being approached by the group or other attackers once again, for a higher amount.

Bitcoins have increasingly enabled individual criminals to become criminal entrepreneurs who operate based on a business model known as “crime-as-a service” (CaaS). Individual criminals come together on an ad-hoc basis to boost the CaaS business model without the need for a sophisticated criminal infrastructure to receive and launder money. DDoS extortion attacks have become a well-established criminal enterprise and further benefit from availability of DDoS capable malware and increasing popularity of pseudonymous payment mechanisms. These are indications that Bitcoin is establishing itself as a single common currency for cybercriminals and is increasingly adopted for other types of cybercrime as well.

Here are some criminal schemes around Bitcoins:
- Criminal-to-Criminal Payments Schemes include any transaction where one cybercriminal makes a payment to another for purchase of, or access to, a crime-related product or service. This is a common scenario within the CaaS business model of cybercrime. Further, the hidden services on the Darknet such as Agora or the now defunct Evolution used Bitcoin for payment, with the mechanisms to handle payment and escrow functions built into the market interfaces.

- Victim Payments Schemes are where a cybercrime victim is not just subject to a malicious, destructive attack but there will be a frequent attempt to obtain funds from the victim. The cyber-extortion is becoming increasingly common, particularly with the growing pervasiveness of ransomware and threat of DDoS attacks. Victims have also made payments to attackers in less flagrant attacks if they were victims of fraud, either as a result of social engineering or when paying for non-existent or bogus goods or services such as fake anti-virus software.

- Money Movement and Laundering Schemes are where a cybercriminal does not transfer funds to a third party, but simply moves money from one location or payment system to another. This includes the ‘cashing out’ of compromised financial accounts and credit cards and the use of exchangers to exchange to, from or between digital and fiat currencies.

- Payment for Legitimate Services Schemes represent scenarios where a cybercriminal is required to make a payment to a legitimate, public company for such things as hosting, hardware purchase, software or travel and accommodation. In these scenarios, the cybercriminals rarely feel the need to hide their identities and use traditional financial instruments such as credit cards or transfers from bank accounts, which may be legitimate, compromised or fraudulently obtained.

Criminal conspiracy
Bitcoin has started to feature as a common payment mechanism across almost all payment scenarios, a trend which can only be expected to increase. As the Bitcoin community continues to expand and more businesses accept it as a payment method, it will become impossible to even gauge the extent of the digital money circulating in the criminal landscape.

Digital currencies are slowly gaining acceptance at a government level, with a number of countries either proposing regulation of digital currencies or already recognising them under existing legislation. It is inevitable that more countries will follow suit although it would appear that there is currently a lack of harmonisation in approaches. Any regulation of digital currencies would only be applicable and enforceable when applied to identifiable users such as those providing exchange services. The inability to attribute transactions to end users makes it difficult to imagine how any regulation could be enforced for everyday users. The only possible solution to this mess is the regulation of digital currencies by national regulatory bodies. In the absence of any regulatory framework, freelance criminal entrepreneurs will continue unabated with their anti-national motives as well as activities likely also growing at an unprecedented rate over the coming years.

(The writer is a Governance, Risk and Compliance professional and Director at Layers-7 Seguro Consultoria (Pvt) Ltd. He is the founding member and Secretary of the (ISC)2 Chennai Chapter, Founder/President of Information Security Professional Associates (iSPA) and a board member of the (ISC)2 Colombo Chapter. He can be emailed at sujit@layers-7.com)

Light-hearted moments at reception for NZ delegation

“Progressive” tax on vehicles and luxury goods in 2016 Budget

Colombo Port unions rock the boat at SLPA

George Soros to visit Sri Lanka, PM says

Politicians, economist at STBC-pre-budget discussion

100 % leasing facility for motor vehicles available till Dec 1

Railway Projects: Way forward for Yahap#alanaya averting derailment

Government mulls alternatives for five Colombo mega projects

Visioning Sri Lanka in the year 2023

Western Region Megapolis Plan to be unveiled in Jan 2016

New product to tackle mosquitoes

Haycarb records Rs. 5.5 bln turnover, pre-tax profit of Rs. 417 mln for last 1stH

Sri Lankans using public transport has dropped to 50 % now from 75 %, 20 years ago

Cycling for a living at 68 years

IMF: Saudi Arabia could be broke in 5 years

Leisure sector profits ease at JKH but group results looking positive

Ceylon Chamber condemns “police brutality against HNDA students”

Creating the WOW factor in insurance through informed choice and treating customers fairly

UBER’s mobile app technology brings about cashless taxi rides in Sri Lanka

Some policies in agriculture are ruining the sector

Aeronautical Education and Research at the University of Moratuwa

WSO2 CEO unveils new and upcoming products at WSO2’s US fair

Transitioning from MDGs to Sustainable Development Goals: Role of ICT

China biggest investor in Sri Lankan real estate

Insurance industry consolidation looming

Professional Bankers association confers this year’s “Outstanding Contributions to the Banking Industry’ Award on A. Sarath de Silva

International Insurance Congress organised by the SLII

SriLankan Airlines to get new Airbus 330-300 on Nov 10

Maliban implements Sri Lanka’s First SAP S4 HANA Solution with JKH – SGIT

Correction

Sri Lanka needs to desperately revive sales to lost Pakistani market, trade says

Finance companies suffer following the CB directive on vehicle leasing

Sri Lanka elevated by IMF in data dissemination

SL listed hotels’ profits low despite rise in tourists

The Budapest Cybercrime Convention and its impacts

“CB employs retired staff”

Sri Lanka needs to provide non-contributory, state funded pension schemes

Aitken Spence ‘Turyaa’ hotels poised to expand

Government mulls alternatives for five Colombo mega projects