Does Law Enforcement Have More Control Over Cryptocurrencies Than People Believe? (How Did The FBI Seize Bitcoin From The Colonial Pipeline Hackers?)
According to the FBI, it has successfully seized most of the Bitcoin ransom paid by Colonial Pipeline to “Darkside” criminals after the highly publicized ransomware attack that led to recent gas shortages in multiple US States.
Unlike reversing financial transactions performed by banks and/or classic funds-transfer networks, seizing Bitcoin typically entrails issuing a new transaction to move Bitcoin from the address at which it resides to a new address controlled by the seizer; to perform such a transaction, however, the transferrer ostensibly requires knowledge of the private key associated with the origination address. (Seizing can also be done through other methods – all of which typically require knowing the private key of the origination address.)
It is no secret that cryptocurrencies enable various types of criminal activity and facilitate money laundering and the unreported transfers of large sums of money; as a result, I have wondered for years if lawmakers and law enforcement seemingly “turning a blind eye” to much of the issue has not been the result of naiveite, but because governments have “back doors” into popular crypto networks; are various government bodies able to better trace transactions than is commonly believed, to exploit zero-day implementation vulnerabilities in the crypto networks themselves or in the communications infrastructure upon which the networks rely, or to crack private keys far faster than outsiders believe through the use of quantum computers more advanced than are publicly known to exist? Could Satoshi Nakomoto even be some government agency somewhere? Whoever knows the answers to these questions will clearly not answer them to the public. (Of course, if the FBI has such capabilities, it would likely use them sparingly and ascribe any successes to other techniques – just as the Allies did not act on every piece of data obtained by hacking Enigma so as not to alert the Nazis to Enigma’s compromise.)
Of course, it is also possible that the FBI obtained the private key to the address/es to which the Colonial Pipeline ransom was transferred through far less sophisticated means; an FBI-filed affidavit notes that “the private key for the Subject Address [Perhaps the bc1qq2euq8pw950klpjcawuy4uj39ym43hs6cfsegq address being discussed online] is in the possession of the FBI in the Northern District of California” – so, maybe the BTC was stored at a crypto-exchange or other form of cryptocurrency-custodian-service that operates in California (exchanges and other custodians hold the keys to the addresses for the coins that are “under their care” – and the FBI can get those keys with a warrant). Or, perhaps, the private key was obtained from a physical computer or crypto-key storage device seized during a physical search in California (i.e., performed after obtaining a classic search warrant).
Another possibility is that an insider helped law enforcement – there are many hackers who may believe that the Colonial Pipeline hack violated some sort of “code of ethics” because it created a gas shortage impacting ordinary Americans and a potential national security concern – perhaps one or more such hackers turned on their colleagues or even their co-conspirators.
It is also not clear as of yet (at least to the public) if the coins were all seized from the criminals themselves or from others who the criminals had paid in exchange for something else; would criminals who successfully attacked Colonial Pipeline really have been stupid enough to store their take on servers within the FBI’s jurisdiction?
We will probably learn a lot more over the next few weeks – but, some details, especially about the true extent of the capabilities of law enforcement agencies, will likely not be released to the public any time soon.
Regardless of how the FBI was able to return a big portion of the Colonial Pipeline particular ransom, however, the issue of governments potentially having the ability to undermine the security of cryptocurrency networks is an issue that cannot be ignored.
It is not a secret that quantum computers will eventually be able to rapidly crack the asymmetric encryption that forms the heart of modern-day digital signatures, nor is it a secret that many blockchain implementations – including those utilized by several popular cryptocurrencies – rely on potentially quantum-vulnerable asymmetric encryption algorithms to establish and authenticate the “owners” of their respective per-ledge-address contents.
As such, while conventional wisdom is that quantum computers powerful enough to crack modern-day asymmetric encryption do not yet exist – and that it may take some time for such devices to appear on the market – we do not really know what exists now or what will exist at any particular point in the near future.
Unlike commercial enterprises that publicize their progress in developing increasingly powerful quantum computers, militaries, spy agencies, law-enforcement organizations, and governments in general do not seek to spread information about their R&D successes, and do not publicize the extent of their technological capabilities. Not only do such entities not broadcast their capabilities with regards to levels of technical prowess– they often classify such information, thereby establishing severe criminal penalties for anyone in the know who might have otherwise leaked even an iota of related data.
As such, the reality is that no human being alive today can state with absolute certainty that nobody else has the ability to use quantum devices in order to undermine blockchain security. Furthermore, even if it is true (as is likely the case) that nobody has such quantum capabilities today, nobody can be certain as to how soon other parties will have such capabilities.
Furthermore, replacing implementations of quantum-vulnerable asymmetric encryption with quantum resistant technology is a time-consuming process – it cannot be done overnight. As such, if we do not get to work on such an effort ASAP, our society may be in for a rude awakening.
This post is sponsored by IronCAP™. Please click the link to learn more about IronCAP’s patent protected methods of keeping data safe against not only against today’s cyberattacks, but also against future attacks from quantum computers.
(Originally published June 9, 2021 – Updated May 31, 2022)