How did the Justice Department recover $2.3 million of the ransom paid by Colonial Pipeline to a group of hackers known as DarkSide? Isn’t bitcoin, the cryptocurrency in which the payment was made, supposed to be untraceable? Actually, no. Bitcoin is anonymous, but it’s far from private—an important but often overlooked distinction. The Justice Department recovered more than $1 billion in bitcoin in various investigations during 2020 alone.
The blockchain—bitcoin’s historical ledger of all transactions—is publicly viewable at all times by anyone, so that there can’t be any under-the-table cash transactions. Software firms such as Chainalysis and Elliptic have supported federal investigators with a suite of analysis tools intended to help trace criminals and tax cheats, including those who try to obscure the bitcoin trail through dozens of successive transactions.
What complicates recovery is bitcoin’s anonymity. Senders and recipients are denoted by wallet addresses—a string of numbers and letters—rather than names or Social Security numbers. Other cryptocurrencies such as Monero, zCash and Haven are working on technologies that would offer both anonymity and privacy. But even then, users would face the “off-ramp” dilemma.
That arises when criminals need to spend their bitcoin or convert it into conventional currency. The final transaction deanonymizes the participant and usually triggers the jurisdiction of one or more government agencies. Thus, once criminals transfer their coins into an exchange wallet—even one that doesn’t adhere to the exchange’s Know Your Customer/Anti-Money-Laundering requirement—investigators have what they need to freeze and ultimately claim those assets. That’s likely what happened in the case of Colonial Pipeline.
Traditional currency poses problems of its own for investigators. Bank notes are untraceable unless authorities note the serial numbers in advance. Global banks amassed some $15 billion in fines in 2020 for tacitly enabling money laundering and other financial crimes. Bitcoin’s transparency may do more to mitigate fraud and theft than traditional banking and currency ever could.