DO WE REALLY NEED A NEW “WAR AGAINST CRYPTOGRAPHY”?
Hear Andy’s thoughtful commentary on cybercrime, law enforcement, anonymity, privacy, and whether we really need a “war against cryptography” – codes and ciphers that the government can easily crack if it thinks there’s an emergency – to cement our collective online security.
Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud.
Intro and outro music by Edith Mudge.
PAUL DUCKLIN. Hello, everybody.
Welcome to this very, very special episode of the Naked Security podcast, where we have the most amazing guest: Mr. Andy Greenberg, from New York City.
Andy is the author of a book I can very greatly recommend, with the fascinating title Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency.
So, Andy, let’s start off…
..what made you write this book in the first place?
It seems fascinatingly complicated!
ANDY.GREENBERG. Yes, well, thank you, Paul.
I guess [LAUGHS]… I’m not sure if that’s a compliment?
DUCK. Oh, it is, it is!
ANDY. Thank you.
So, I’ve covered this world of hackers, and cybersecurity, and encryption for about 15 years now.
And around, let’s see – I guess 2010 – I started working on a book, a different book, that was about the cypherpunk movement in the 1990s…
…and the ways that it gave rise to the modern internet, but also to things like WikiLeaks, and other kinds of encryption, anonymity tools, and ultimately what we now call the dark web, I suppose.
And I’ve always been fascinated with the ways, on this beat, that anonymity can play this fascinating, dramatic role – and allow people to become someone else, or to reveal to you in secret to who they truly are.
And as I dug into this cypherpunk world, around 2010 and 2011, I came upon this thing that seemed to be a new phenomenon in that world of online anonymity – which was Bitcoin.
I wrote, I think, the first print magazine piece about Bitcoin for Forbes magazine in 2011.
I interviewed one of the first Bitcoin developers, Gavin Andresen, for that piece.
And Gavin and many others at the time were describing Bitcoin as a kind-of anonymous digital cash for the internet.
You could actually use this new invention, Bitcoin, to put unmarked bills in a briefcase, basically, and send it across the internet to anyone in the world.
And, being the kind of reporter I am, I’m interested in the subversive and sometimes criminal, sometimes politically motivated… I don’t know, the underhanded and dark corners of the internet.
I just saw how this would enable a new world of… yes, people seeking financial privacy, but also money laundering, and drug dealing online, and all of this that would come to pass in the next few years.
But what I didn’t foresee is that, ten years later or so, it would be by then apparent that Bitcoin is actually the *opposite* of anonymous.
I mean, that is the big surprise, and the big reveal.
For me, it was a kind of slow-motion epiphany to realise that cryptocurrency was actually *extremely* traceable.
It was the opposite of this “anonymous cash for the internet” that many people once thought it was.
And the result, I think, was that it served as a kind of trap for many people seeking financial privacy… and criminals, over that decade.
And as I realised the extent of this… I fully realised it in 2020 or so.
I began, at the same time, to see that this one company, Chainalysis, a blockchain-analysis Bitcoin cryptocurrency tracing firm, was being venked in one US Department of Justice announcement after another in all of these major busts.
And so I started talking to Chainalysis, and then to their customers and law enforcement, and slowly realised that there had been this one small group of detectives that had figured this out much earlier than me.
They had started actually tracing Bitcoins years earlier, and had used this incredibly powerful investigative technique to go on this spree of one massive cybercriminal bust after another…
…using cryptocurrency as this surprise trap that had been laid for so many people on the dark web, and in the cybercriminal world as a whole.
DUCK. Now, I suppose we shouldn’t really be surprised at that, should we, as you explain in the book?
Because the whole idea, at least of the Bitcoin blockchain, is that it is, by design, entirely and utterly public and irrevocable.
That’s how it can work as a ledger that is equivalent to something that would normally be held privately and individually by your bank.
It doesn’t actually have your name on it, but it has a magic identifier that, once tied to you, can’t really be cut loose…
…if there’s other evidence to say, “Yes, long-hexadecimal-string-of-stuff is Andy Greenberg, and here’s why.”
Now try denying it!
So, I think you’re right.
This idea that it’s *possible* to trade anonymously with Bitcoin – I think was taken by very many people to mean that it is fundamentally anonymous and ever-untraceable.
But the world is not like that, is it?
ANDY. I sometimes look back on my 2011 self, and in that piece for Forbes, I *did* write that Bitcoin was potentially untraceable.
And I sort of scold myself, “How could you be such an idiot?”
The whole idea of Bitcoin is that there’s a blockchain that records every transaction.
But then I remind myself that even Satoshi Nakamoto, the mysterious creator of Bitcoin (whoever he, she or they are), in their first email to a cryptography mailing list introducing the idea of Bitcoin…
…listed among its features that participants can be anonymous.
That was a feature of Bitcoin as Satoshi described it.
So I think there’s always been this idea that Bitcoin, if it’s not anonymous, at least is pseudonymous, that you can hide behind the pseudonym of your Bitcoin address, and that if you can’t figure out somebody’s address, you can’t figure out their transactions.
I guess we all should have known… I should have known, and maybe even Satoshi should have known, that, given this massive corpus of data, there would be patterns in it that allow people to identify clusters of addresses that all belong to one person or service.
Or to follow the money from one address to another to find interesting giveaways in this massive collection of data.
The biggest giveaway of all is when you cash in or cash out at a cryptocurrency exchange that has Know-Your-Customer [KYC] requirements, as almost all of them do now.
They have your identity, so if somebody can just subpoena that exchange, then they have your actual driver’s licence in hand.
And any illusion of anonymity just completely backfires.
So that is the story, I think, of how Bitcoin’s anonymity turned out to be the opposite.
DUCK. Andy, do you think, perhaps, though, that there’s nothing wrong with Satoshi Nakamoto saying, “You *can* be anonymous when you use Bitcoin?”
I think what’s wrong is that lots of people assume that because technology *can* let you do something that is desirable for your privacy, therefore, *however you use it*, it always will.
And the original idea of Bitcoin didn’t include exchanges, did it?
And so there wouldn’t be any exchanges that would take a copy of your driving licence if Bitcoin were used in its original sort of cypherpunk way, as far as I can see…
ANDY. Well, I certainly don’t blame Satoshi for not predicting the entire cryptocurrency economy, including the ways that exchanges would interface with the traditional finance world.
It’s all incredibly complex economics; Bitcoin was brilliant enough as it is.
But I do think that it’s more than just, “You *can* be anonymous with Bitcoin if you’re careful, but most people are not careful.”
It turns out, I think, that the possibility, no matter how smart you are, of using Bitcoin anonymously is vanishingly small.
Also, there is the property of blockchain *that it is forever*.
So, if you use the kind of smartest ideas of the day to try to avoid any of these patterns that reveal your transactions on the blockchain, but then someone years later figures out a new trick to identify transactions…
…then you’re still screwed.
They can go back in time, and use their new ideas to foil your cutting-edge anonymity tricks from years earlier.
With a bank fraud you can imagine you *could* get lucky, couldn’t you?
That just when you’re about to be investigated, years later, you find the bank’s had a data security disaster, and they’ve lost all their backups and, oh, they can’t recover the data…
With the blockchain, that ain’t never going to happen! [LAUGHS]
Because everybody’s got a copy, and that’s a requirement for the system to work as it does.
So, once locked in, always locked in: it can never be lost.
ANDY. That’s the thing!
To be anonymous with cryptocurrency, you truly have to be perfect – perfect for all time.
And to catch someone who’s trying to be anonymous with cryptocurrency slipping up, you just have to be smart, and persistent, and work on it for years, which is what, first, Chainalysis…
…actually, first was academic researchers like Sarah Meiklejohn at the University of California at San Diego, who, as I document the book, came up with a lot of these techniques.
But then Chainalysis, this startup that’s now almost a nine-billion-dollar unicorn, selling polished cryptocurrency tracing tools to law enforcement agencies.
And now, all of these law enforcement agencies that have professional Bitcoin tracers – their savvy, their know-how in doing this, is just growing by leaps and bounds.
And I think it’s almost just a better rule to say, “No, you cannot be anonymous with cryptocurrency,” that it is fully transparent.
That’s a safer way to operate, almost.
To be fair, Satoshi Nakamoto said participants *can* be anonymous… but it turns out that the only participant who has *remained* anonymous is Satoshi Nakamoto.
And that is, in part, because very few people have that other-worldly restraint that Satoshi had to amass a million Bitcoins and then never spend them or move them.
If you do that… yes, I think you can perhaps be anonymous.
But if you ever want to use your cryptocurrency, or to put it in a liquid form where you can spend it, then I think you’re toast.
DUCK. Yes, because there are some amazing things that have happened, one of which you allude to because it was in the works just at the end of the book…
…[LAUGHS] what I call the Crocodile Lady and her husband: Heather Morgan and Ilya Liechtenstein.
They’re alleged to have somehow received a whole load of cryptocoins from a cryptocurrency bank robbery against Bitfinex.
In their cases, they received stolen cryptocurrencies in vast quantities, so that they could quite literally have been billionaires *if they could have cashed it out*.
But when bust, they still had the vast majority of that stuff sitting around.
So it seems that, in a lot of cryptocurrency crimes, your eyes can be a lot bigger than your stomach.
You may live the high life a little bit… the Crocodile Lady and her husband, it does seem they were living quite a flash lifestyle.
But when they were bust, what was the amount?
It was more than $3 billions’ worth of Bitcoins that they had, but couldn’t cash out.
ANDY. The Department of Justice said that they seized $3.6 billion from them.
That was the biggest seizure not just of cryptocurrency in history, but of money in the history of the Department of Justice.
In fact, as I document in the book… actually, one of these happened after the book, but the IRS criminal investigators, who are the main subjects of this book, have now pulled off the first, second, and third-biggest seizures of money in American criminal justice history, by following cryptocurrency and seizing Bitcoins.
Your point is absolutely right, which is that cryptocurrency is easy to steal, it turns out… that is, I think, one of its big drawbacks for the businesses, like exchanges, that have to hold sometimes billions of dollars in a kind of digital safe.
But then if you do steal it, if you pull off one of these massive heists – and two of the three of the cases that we’re discussing are actually people who stole money from the Silk Road dark web drug market…
DUCK. Yes [LAUGHS]… when you steal from a crook, it’s still a crime, eh?
ANDY. [LAUGHS] Yes, unfortunately – for those crooks, anyway.
DUCK. One of the most intriguing bits for me in the book was somebody that you identify as “Individual X”, only because that’s the way they were identified by the court.
This individual had stolen 70,000 Bitcoins, and was busted, and basically gave them back… sort-of in return for getting let off.
They didn’t get prosecuted, they didn’t go to prison, they didn’t – I imagine – even get a criminal record.
And they were never named.
ANDY. That’s right.
DUCK. So that seems like an almost unreadable mystery, doesn’t it?
If we look forward a few years, now that Bitcoin’s… what, in the last year, it’s gone down to about a third of its value; Ether is down to about a third; Monero is about half.
Do you think that that gambit of saying, “I’ll give the money back, let me off” would have worked if the prices were reversed, and what they were handing back was now worth a fraction of what it was when it was stolen?
Or do you think that Individual X was lucky because what they had to hand back was actually worth much more than when they stole it?
ANDY. I think it’s the latter.
Individual X stole that money while the Silk Road was still online…
So that would have been when BTC was, what, hundreds [of dollars] then?
ANDY. Yes, probably, or thousands at most – Silk road went offline in 2013, when Bitcoin had just broken through $1000, if I remember.
This person (I don’t want to say “guy” – who knows who Individual X is?) sat on these 70,000 Bitcoins for seven years, ultimately…
…probably, exactly as you said, just terrified to move them or cash them out for fear of being caught.
DUCK. Yes, can you imagine?
“Hey, I’m a millionaire!”
“Hey, I’m a *billionaire*!”
“Oh, golly, but where am I going to get my rent money?”
[LAUGHS] Shouldn’t laugh….
ANDY. As you say – like the hand stuck in the cookie jar!
The hand just gets bigger and bigger until it’s all-consuming, and you cannot move it, you can’t get it out.
In fact, even without trying to get it out, IRS criminal investigators found it through other means, including the seizure of the BTC-e exchange, which was a kind-of money-laundering, criminal Bitcoin exchange.
DUCK. That was a rogue exchange that basically did as little as is humanly possible along the Know Your Customer front?
“Ask no questions, tell no lies,” that kind of thing?
Is that right?
ANDY. Yes, exactly.
That was another surprise for many users who believed that, “Maybe I can use BTC-e a little bit and not get caught, because that doesn’t have Know Your Customer, that doesn’t co-operate with law enforcement.”
But, nonetheless, when that exchange was busted and its servers seized, that provided more clues to the IRS.
That helped, in fact, to figure out who Individual X was… I don’t know who they are, but the government does.
And to knock on his or her door and say, “Hey, hand over a billion dollars or you’re going to jail,” and that’s exactly what happened.
Now, poor James Zhong is a very similar case.
He seems to have taken 50,000 Bitcoins from the Silk Road, probably around the same time, and then held onto them for even longer.
And then, a year after Individual X, Zhong got a knock on his door…
Similarly, they had traced the money, even though he had just left it sitting on a USB drive in a popcorn tin under the floorboards of his closet.
In his case, he did not manage to make a deal somehow, and he’s being criminally charged.
DUCK. *And* he has given the money back, obviously?
[WRY LAUGH] Aaaargh!
ANDY. He was a Bitcoin billionaire, and now is facing criminal charges… and never got to even spend his loot.
The Bitfinex case, I don’t know… I have less sympathy for them because they truly were trying to launder a massive theft from a legitimate business.
And they did, I think, launder some of it.
They tried several different clever techniques.
They put the money through…. I mean, this is all alleged, I should say; they’re still innocent until proven guilty, this couple in New York.
But they tried to put the money through the AlphaBay dark web market as a kind of laundering technique, thinking that would be a black box that law enforcement would not be able to see through.
But then AlphaBay was busted and seized.
That’s perhaps the biggest story I tell in the book, the most exciting cloak-and-dagger story: how they tracked down the kingpin of AlphaBay in Bangkok and arrested him.
DUCK. Yes… spoiler alert, that’s where the helicopter gunships come in!
ANDY. lLAUGHS] Yes!
Yes, and much more!
I mean, that story is one of the craziest that I will probably tell in my career…
But then, also, this New York money-laundering couple tried to put some of the money through Monero, a cryptocurrency that is advertised as a privacy coin, a potentially truly untraceable cryptocurrency.
And yet, in the IRS documents where they describe how they caught this couple in New York, they show how they continued to follow the money, even after it’s exchanged for Monero.
So that was a sign to me that perhaps even Monero – this newer, “untraceable” cryptocurrency – is a bit traceable too, to some degree.
And perhaps this trap persists… that even coins that are designed to outstrip Bitcoin in terms of their anonymity are not all they’re cracked up to be.
Although I should say that Monero people hate it when I even say this out loud, and I don’t know how that worked…
…all I can say is that it looks very possible that Monero tracing was used in that case.
DUCK. Well, there could be some operational security blunders that the Crocodile Lady and her husband made as well, that kind of tied it all together.
So, Andy, I’d like to ask you, if I may…
Thinking of cryptocurrency tokens like Monero, which as you say, is meant to be more privacy focused than Bitcoin because it inherently, if you like, joins transactions together.
And then there’s also Zcash, designed by cryptography experts specifically using technology known in the jargon as zero-knowledge proofs, which is at least supposed to work so that neither side can tell who the other is, yet it’s still impossible to double-spend…
With all eyes on these much more privacy-focused tokens, where do you think the future is going?
Not just for law enforcement, but where do you think it might drag our legislators?
There’s certainly been a fascination for decades, amongst sometimes very influential parliamentarians, to say, “You know what, this encryption thing, it’s actually a really, really bad idea!”
“We need backdoors; we need to be able to break it; somebody has to ‘think of the children’; et cetera, et cetera.”
ANDY. Well, it’s interesting to talk about crypto backdoors and the legal debate over encryption that even law enforcement can’t crack.
I think that, in some ways, the story of this book shows that that is often not necessary.
I mean, the criminals in this book were using traditional encryption – they were using Tor and the dark web, and none of that was cracked to bust them.
Instead, investigators followed the money and *that* turned out to be the backdoor.
It’s an interesting parable, and a good example of how, very often, there is a side-channel in criminal operations, this “other leak” of information that, without cracking the main communications, offers a way in…
…and doesn’t necessitate any kind of backdoor in Tor, or the dark web, or Signal, or hard disk encryption, or whatever.
In fact, speaking of ‘thinking of the children’, one of the last major stories that I dig deeply into in the book is the bust of the Welcome To Video market for child sexual abuse videos that accepted cryptocurrency.
And as a result, the IRS investigators at the centre of the book were able to track down and arrest 337 people around the world who used that market.
It was the biggest bust of what we call child sexual abuse materials, by some measures, in history…
…all based on cryptocurrency tracing.
DUCK. And they didn’t need to do anything that you would really consider privacy-violating, did they?
They quite literally followed the money, in a trail of evidence that was public by design.
And in conjunction, admittedly, with warrants and subpoenas from places where the money popped out, and where internet connections were made, they were able to identify the people involved…
…and largely to avoid trampling on millions of people who had absolutely no connection with the case whatsoever.
I think that it is an example of a way to do… it is, in some ways, mass surveillance – but mass surveillance in a way that nonetheless does not require weakening anybody’s security.
I guess that cryptocurrency users, and people who believe in the power of cryptocurrency for enabling activists, and dissidents, and journalists, and money transmissions to countries like Ukraine, that need injections of money for survival…
They would argue that, nonetheless, we need to fix cryptocurrency to make it as untraceable as we once thought it might be.
And that’s where we get into the new, I would say *a* new, crypto-war over cryptocurrency.
We’re just starting to see the beginning of that with tools like Monero and Zcash, as you said.
I do think that there will probably still be surprises about the ways that Monero can be traced.
I’ve seen a leaked Chainalysis document where they told Italian law enforcement… it’s a presentation in Italian to the Italian police from Chainalysis, where they say that they can trace Monero, in the majority of cases, to find a usable lead.
I don’t know how they do that, but it does seem like it’s probabilistic more than definitive.
Now I don’t think a lot of people understand – that is often enough for law enforcement to get a subpoena, to start subpoenaing cryptocurrency exchanges, just based on a probabilistic guess.
They can just check every possibility, if there are a few enough of them.
DUCK. Andy, I’m conscious of time, so I’d like to finish up now by just asking you one final question, and that is…
In ten years’ time, do you see yourself being in a position where you’ll be able to write a book like this one, but where the “unravelling” parts are even more fascinating, complicated, exciting, and amazing?
ANDY. I tried, with this book, *not* to make too many predictions.
And, in fact, the book begins with this “mea culpa” that ten years ago I believed exactly the wrong thing about Bitcoin.
So nobody should listen to any ten-year prediction that I have!
But the simplest prediction to make, that *has* to be true, is that this cat-and-mouse game will still be going on in ten years.
People will still be using cryptocurrency thinking that they have outsmarted the tracers…
…and the tracers will still be coming up with new tricks to prove them wrong.
The stories, as you say, will, I think, be much more convoluted because they’ll be dealing with these cryptocurrencies like Monero, that build in vast mix-networks, and Zcash, that have zero-knowledge proofs.
But it does seem that there will always be some way – and maybe not even cryptocurrency, but in some other side channel… as I was saying, there will be a new one that unravels the whole thing.
But there’s no question that this cat-and-mouse game will go on.
DUCK. And I’m sure there’ll be another Tigran Gambaryan sometime in the future for you to interview?
ANDY. Well, I do think the game of anonymity…
…it does favour the Tigran Gambaryans of the world.
They, as I said, just have to be persistent and smart.
But the mice in this cat-and-mouse game have to be perfect.
And no one is perfect.
ANDY. So, if I do have to make a prediction…
…then I would just place my bet on the cats, on the Tigran Gambaryans of the world.
DUCK. [LAUGHS] Andy, thank you so much.
Before we go, why don’t you tell our listeners where they can get your book?
ANDY. Yes, thanks, Paul!
The book is called “Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency.”
And it’s available at all the normal places books are sold.
But if you go to https://andygreenberg.net/, then you can just find links to a bunch of places.
DUCK. Andy, thank you so much for your time.
It was as fascinating talking to you and listening to you as it was reading your book.
I recommend it to anybody who wants a galloping read that is nevertheless detailed and insightful about how law enforcement works…
…and, importantly, why criminal convictions for cybercrimes often only happen years after the crime occurred.
The devil really is in the details.
ANDY. Thank you, Paul.
It’s been a super-fun conversation.
I’m just glad you enjoyed the book!
Thanks to everybody who listened.
And, as always: Until next time, stay secure!