Re-evaluating the Threat of Cryptocurrencies as a Means for Financing Terrorism
Henry Carson, Rob Maxey, Illicit Finance
October 16, 2020
Terrorist organizations are always adapting their tactics for funding illicit activities in the face of steadfast efforts by governments and financial institutions to deter them. And given the global rise in popularity of cryptocurrencies over the past few years and their benefit of allowing individuals to conduct financial transactions outside of traditional regulated financial systems, many people are concerned that terrorist organizations will seize this opportunity to perform financial activities while evading global counterterrorism efforts. However, due to successful ongoing counterterrorism efforts and substantial barriers to cryptocurrency adoption, cryptocurrencies make up a miniscule portion of terrorist financing and are unlikely to be adopted on a grand scale. Understanding the full scope of the threat and dispelling any unwarranted speculation or exaggeration are critical for identifying how to properly allocate time, money, personnel, and other resources to the broader goal of disrupting and defeating terrorist financing.
Cryptocurrencies are a type of digital currency that operate independently of a central banking institution. The creation of new currency, the exchange of currency, and the ownership of each currency unit are recorded on publicly accessible distributed ledgers using cryptography. Users exchange cryptocurrency to one another’s digital “wallet,” with each wallet having its own address. Computers cross-reference distributed ledgers to form a consensus and validate transactions. This gives the system credibility, secures the currency holder from risks like double-spending and counterfeiting, and eliminates the need for a central banking authority. Bitcoin, the first and most popular cryptocurrency, emerged in 2008, and now numerous other cryptocurrency projects exist such as Etherium and Litecoin, each one having their own focus and vision.
Some newer cryptocurrency projects are centered around offering more anonymity and privacy than less secure ones like Bitcoin. Because one does not always need to provide identifying information in order to obtain Bitcoin, many think that it is an anonymous currency. However, Bitcoin and many other cryptocurrencies are only pseudonymous, meaning it is possible to trace each coin back to its source because transaction history is publicly available. To address this, privacy-oriented cryptocurrencies like Monero obfuscate transaction records while verifying transaction credibility through other protocols. The distributed nature of cryptocurrency makes regulation by governments and financial institutions extremely difficult, while the design of privacy-centered cryptocurrencies in particular makes transactions difficult to track.
Because of this privacy and decentralization, cryptocurrencies have great potential to be exploited by those seeking to use them for illicit purchasing, fundraising, and money laundering. They are difficult to track because they provide more anonymity and privacy than more conventional methods like wire transfers, and they are difficult to regulate with existing legal frameworks. Cryptocurrencies can also be used for cross-border transactions without having to go through traditional regulatory channels, and they don’t come with the transportation limitations of cash. These properties make cryptocurrency attractive for those looking to engage in a variety of financial crimes, not to mention that cryptocurrencies are favored on the dark web for drug and weapons purchases. The potential for terrorist organizations to also exploit cryptocurrencies has been discussed in the media as a grave threat. A Washington Post Op-Ed by Stephen Salinsky in 2018 rightly describes the need for cryptocurrency to be a focus in the U.S. counterterrorism strategy.
Blockchain technology allows cryptocurrencies to function without any centralized authority.
Terrorist organizations of different creeds have indeed taken advantage of cryptocurrencies, primarily looking to use them as a fundraising tool and also to pay for online services like web hosting. White supremacy extremists in the United States and abroad have used cryptocurrencies for fundraising and selling merchandise, with the American white supremacist Richard Spencer calling Bitcoin the “currency of the far-right.” Meanwhile, extremist Islamist groups al-Qaeda, ISIS, and their affiliates have solicited cryptocurrency donations online, and cryptocurrency was reportedly used to purchase weapons on the dark web which were subsequently used in the 2015 Munich attacks.
This being said, there have also been sensationalized articles which take advantage of speculation, ignore problems that terrorist organizations have with storing and liquidating cryptocurrency, and misrepresent the threat to be larger than it is. Reports of counterterrorism efforts and financial seizures have been many, but these do not point towards an increase in successful cryptocurrency use by terrorist organizations. Examples of successful usage have reportedly been limited and isolated since 2015. The funding of extremist organizations via cryptocurrency is a threat that deserves to be taken seriously, but it is important to be realistic about its scale: successful countermeasures taken by adversaries and substantial barriers to entry prevent terrorist organizations from exploiting cryptocurrency in a way that even remotely approaches their main revenue streams.
Despite the existing documented examples of terrorist organizations using cryptocurrencies for illicit purposes, a number of critical barriers to entry keep terrorist groups from widely adopting cryptocurrencies. First, cryptocurrencies as they exist today cannot meet most of the financial needs of terrorist organizations. In general, the use of terrorist money can be broken down into three categories: receipt, management, and spending. Receipt includes any activities where money is coming in, such as fundraising through individual donations and receiving funds from state sponsors. Management involves the use of money for operational and day-to-day purposes. Spending includes any transactions where money is going out in exchange for other forms of resources, such as spending money on weapons and tactical gear that will be used to carry out an attack. In most cases, cryptocurrencies fail to meet the needs of management and spending due to the fact that they are not accepted in the vast majority of locations where terrorist organizations operate. For example, Bitcoin ATMs are rare around the world and basically non-existent in the areas where terrorist organizations maintain strong footholds. This leaves receipt as the main use of cryptocurrencies by terrorist organizations; however, even this form presents considerable challenges, such as converting the cryptocurrency into locally accepted currency.
Beyond these notable issues, a lack of reliable infrastructure and technical knowledge creates another significant barrier to entry. Many terrorist organizations operate in remote locations with poor internet and technological penetration. When a power or internet outage could happen at any moment, the reliability and usability of the cryptocurrency takes a sharp downturn. In terms of technical knowledge, a steep learning curve exists for users to not only understand and use cryptocurrency, but also to successfully maintain privacy and anonymity. With terrorist organizations operating in many regions of the world where technological literacy is low, attempting to use cryptocurrencies effectively and covertly may not be the most prudent decision. This technological literacy barrier also applies to many external would-be donors, with some falling victim to cryptocurrency fundraising scams.
Furthermore, while one of the key elements that makes cryptocurrencies attractive is their anonymity, that anonymity may not be as guaranteed as some cryptocurrency creators suggest. The nature of a permanent, public, distributed ledger means just that – a transaction is permanent, publicly available, and in the possession of every node in the cryptocurrency network. While deciphering and tracking cryptocurrency movement is extremely difficult by design, it is not impossible. Newer cryptocurrencies like Monero and Zcash are built with a more privacy-oriented design than traditional ones like Bitcoin, but even those are not as secure as existing forms of terrorist financing that take place offline and leave no traceable evidence.
Ultimately, existing methods of financing terrorism often work well and do not present the new set of challenges introduced by cryptocurrencies. Cryptocurrency values are highly volatile, and existing systems such as hawala networks, state financing, and drug/weapon trafficking present more stable and effective financing options.
Aside from existing barriers to entry, terrorist organizations that explore the use of cryptocurrencies also face aggressive countermeasures from governments and financial regulatory bodies. In particular, this year has seen several partnerships between U.S. government agencies and cryptocurrency analytics companies. In August of 2020, cryptocurrency analytics company CipherTrace announced that it had developed a tool for tracking the privacy-centered cryptocurrency Monero through a contract by the U.S. Department of Homeland Security. The tracking of Monero, previously thought to have airtight privacy, is a big step towards countering its use by terrorist organizations that have been exploring it as a fundraising option. The IRS, DEA, and the Secret Service have also partnered with the popular American crypto-exchange Coinbase to use its cryptocurrency analytics tools to investigate financial crimes. Because cryptocurrencies have no central regulating body, partnerships between the government and the cryptocurrency community are crucial in combating the illicit use of virtual currency, especially terrorist financing.
Another example that highlights terrorist organizations’ vulnerability in using cryptocurrency is when the US Department of Justice announced on August 13, 2020 that federal counterterrorism authorities had “dismantled a series of sophisticated online fundraising campaigns run by three separate US-designated terrorist organizations.” These efforts were largely the result of U.S. counterterrorism officials using “third-party blockchain analysis and personally identifying information from virtual exchanges to track 150 cryptocurrency accounts associated with al-Qassam, and to investigate U.S.-based individuals who donated to these campaigns.” Not only was the whole operation shut down, but U.S. authorities also seized “millions of dollars, over 300 cryptocurrency accounts, three websites, and four Facebook pages all related to the criminal enterprise.” This case clearly underscores the fact that anonymity and security are not guaranteed when using cryptocurrencies. With the seizure of several terrorist websites, it would be prudent for U.S. authorities to continue to operate them as a tactic to identify and trace individuals accessing the site and attempting to financially support these groups. Furthermore, this major failure, among others, on the part of terrorist organizations will likely cause them to become considerably more sceptical about relying on cryptocurrencies as a significant or reliable revenue stream. As a result, terrorist organizations may seek out other more private forms of cryptocurrency and/or double down on existing, more traditional offline forms of financing. Successes like this on the part of the U.S. government put terrorist organizations on the defence rather than offensively innovating and seeking novel forms of financing. While a certain amount of resources should continue to be allocated toward eliminating terrorist cryptocurrency use, successes like this allow counterterrorism authorities in the U.S. and around the world to shift their efforts and resources toward dismantling the more bedrock forms of terrorist financing.
Website of the al-Qassam Brigades, with a section soliciting Bitcoin donations
Current regulations and partnerships which seek to eliminate illicit cryptocurrency use place the responsibility of identification on the intermediaries and exchanges which host user’s funds, but tech-savvy terrorist organizations are able to avoid identification and regulation by avoiding popular exchanges and using private wallets. Meanwhile, countermeasures by law enforcement have focused on creating third-party tools in an attempt to link people with their cryptocurrency transactions. While these tools have been successful in tracking illicit cryptocurrency use, there needs to be a shift in focus to prevent anonymous cryptocurrency acquisition in the first place in order to fully target what is already a difficult funding source for terrorist organizations to operate. A new regulatory framework focused on user identification would make countermeasures and identification tools much more effective by eliminating some of the difficulty involved with identifying anonymous users.
These new regulations could take a variety of approaches, and will likely be very effective if they are adopted by the United States and other Western countries where the majority of cryptocurrency projects are based. Partnerships between U.S. government agencies and popular exchanges like Coinbase as mentioned have contributed to investigations of financial crimes, but successful anonymous transfers, though complicated and inconvenient, can still be arranged by taking precautions to operate in the poorly regulated and difficult to monitor arena of cryptocurrency transactions that take place outside of popular exchanges. Some proposed regulatory solutions to address this include whitelist and blacklist approaches, regulations on other cryptocurrency participants, or including personally identifying information in each transaction. While government partnerships and digital law enforcement tools work to stop illicit transactions, innovative transnational regulatory measures are needed in order to make the already difficult task of acquiring and using cryptocurrencies more difficult for criminal and terrorist organizations.
While it is critical that active countermeasures continue to be taken to deter terrorist use of cryptocurrencies, the success of existing countermeasures and the fundamental challenges of using cryptocurrencies on a large scale inhibit its widespread adoption by terrorists and make it unlikely to become a critical part of terrorist financing at any point in the near future. As part of active countermeasures, CTG recommends that counterterrorism authorities must monitor changes in the functionality and volatility of cryptocurrencies, technological penetration in zones where terrorist organizations operate, changes in the viability of more traditional forms of terrorist financing, and technological literacy among members of terrorist groups in an ongoing effort to identify if, when, and how the existing barriers to cryptocurrency adoption may change. And given the much larger role that illicit cryptocurrency use plays in cyber crime generally compared to terrorism, CTG recommends that counterterrorism organizations and agencies should not focus their resources on the development of tools for tracking cryptocurrency exchange. Rather, they should maintain close relationships with other organizations and tech companies that focus on tool development so that counterterrorism groups can focus their efforts on the implementation and utilization of such tools. This solution would allow counterterrorism organizations to focus appropriate amounts of resources on terrorist cryptocurrency use while also allowing critical resources to be allocated toward other more prominent and pervasive sources of terrorist financing.
In the long term, more attention should be given to the use of cryptocurrencies by narco terrorist organizations, given the rapid growth of cryptocurrency-based dark web drug markets. Furthermore, authorities must carefully monitor the use of cryptocurrencies among white supremacist extremist groups that are growing and are typically based in countries with reliable technological infrastructure and widespread digital literacy. These groups have the same incentives as traditional terrorist organizations to use cryptocurrencies without a number of the significant barriers to entry, increasing the possibility that their cryptocurrency use for illicit purposes may increase. The Counterterrorism Group continues to monitor the changes and trends of both the cryptocurrency market and the broader terrorist financing landscape that may pose threats now and in the future.
 Cryptocurrency, Investopedia, May 2020, https://www.investopedia.com/terms/c/cryptocurrency.asp
 What is Monero (XMR)?, Monero, date unknown, https://www.getmonero.org/get-started/what-is-monero/
 US Law Enforcement Is Watching for Bitcoin Drug Purchases on Darknet, CoinTelegraph, July 2020, https://cointelegraph.com/news/us-law-enforcement-is-watching-for-bitcoin-drug-purchases-on-darknet
 The cryptocurrency-terrorism connection is too big to ignore, Washington Post, December 2018, https://www.washingtonpost.com/opinions/the-cryptocurrency-terrorism-connection-is-too-big-to-ignore/2018/12/17/69ed6ab4-fe4b-11e8-83c0-b06139e540e5_story.html
 New Technologies but Old Methods in Terrorism Financing, Collaboration, Research & Analysis Against the Financing of Terrorism (EU Internal Security Fund), 2020, https://www.uaf.cl/asuntos/descargar.aspx?arid=1633
 WHITE SUPREMACY EXTREMISM: The Transnational Rise of the Violent White Supremacist Movement, The Soufan Center, September 2019, https://thesoufancenter.org/wp-content/uploads/2019/09/Report-by-The-Soufan-Center-White-Supremacy-Extremism-The-Transnational-Rise-of-The-Violent-White-Supremacist-Movement.pdf
 National Terrorist Financing Risk Assessment, U.S. Department of the Treasury, 2018, https://home.treasury.gov/system/files/136/2018ntfra_12182018.pdf
 No, Isis Is Not Using Bitcoin To Hide $300 Million, Forbes, May 2020, https://www.forbes.com/sites/colinharper/2020/05/23/no-isis-is-not-using-bitcoin-to-hide-300-million/#2265529179ee
 National Terrorist Financing Risk Assessment, U.S. Department of the Treasury, 2018, https://home.treasury.gov/system/files/136/2018ntfra_12182018.pdf
 Terrorist Use of Cryptocurrencies, RAND Corporation, 2019, https://pdfs.semanticscholar.org/9743/4e42e443399182465fdd0210cecbc01f04d9.pdf
 Neo-Nazis, ISIS, and al-Qaeda Scammed with Fake Crypto Offers, CoinNewsEurope, October 2018, http://www.coinnewseurope.com/neo-nazis-isis-al-qaeda-scammed-fake-crypto-offers/
 CipherTrace develops Monero tracing tool to aid US DHS investigations, CoinTelegraph, August 2020, https://cointelegraph.com/news/ciphertrace-develops-monero-tracing-tool-to-aid-us-dhs-investigations
 US government is getting serious about tracking crypto, Decrypt, July 2020, https://decrypt.co/35585/us-government-getting-serious-tracking-bitcoin-crypto
 Cryptocurrency and the Dismantling of Terrorism Financing Campaigns, Lawfare, August 2020, https://www.lawfareblog.com/cryptocurrency-and-dismantling-terrorism-financing-campaigns
 Global disruption of 3 terror finance cyber-enabled campaigns, U.S. Immigration and Customs Enforcement, August 2020, https://www.ice.gov/news/releases/global-disruption-3-terror-finance-cyber-enabled-campaigns
 Screenshot, Al-Qassam Brigade, September 2020.
 AN EXAMINATION OF THE CHALLENGES POSED BY CRYPTOCURRENCIES TO AML/CTF REGULATION, Amsterdam Law Review, August 2020, https://amsterdamlawforum.org/articles/368/galley/493/download/