Cryptocurrency E-Crimes
Cryptocurrency E-Crimes
Name
Institution
Introduction
Cryptocurrency can be defined as a type of digital currency that is created by a public network instead of the government[1]. Cryptocurrencies use cryptography to ensure that payments are made safely. Cryptography entails changing clear information into a code that cannot be cracked[2]. Cryptography came about during the Second World War due to the need for secure communication[3]. Bitcoin is the first decentralised cryptocurrency, it was introduced Satoshi Nakamoto (a pseudonym) in 2008. Currently, there are other decentralised cryptocurrencies such as Ethereum and Litecoin. Decentralised cryptocurrency can be traced back one that Nick Szabo worked on from 1998 to 2005 known as the Bit Gold. Decentralised cryptocurrencies gained a lot of momentum after people started to lose faith in the centralised currencies following the global financial crisis of 2007-2008.
The existing cryptocurrencies in the market as of September 2017 are 1100 and their estimated value is about 60 billion US dollars[4]. The use of cryptocurrencies has not been free from criminal activities. There have been a number of criminal activities due to the fact that cryptocurrencies are decentralised and also are not well regulated in the places where they operate. For example, there was a hack at a company known as Mt. Gox which led to a loss of over 500 million US dollars. There have also been creations of malwares that are designed to steal from the wallets of cryptocurrency users. There is, as a result, a need to look into cryptocurrencies e-crimes and how they can be prevented. This paper will focus on cryptocurrencies e-crimes and how they can be dealt with.
How Cryptocurrencies Work
Bitcoin has the most successful system of cryptocurrencies and this paper will, therefore, have a focus on the Bitcoin and its system of operation. The Bitcoin operates on three main parts. One is known as the Blockchain. The Blockchain allows transactions to be registered in a public system. The second part is known as the asymmetric encryption that allows the validation of the currency’s operations using an encryption algorithm. The third is the decentralised computer network that is used in the verification and validation of users and to update the Blockchain of its users. The Bitcoin system of operation allows users to make wallets that allow them to transact freely.
The use and issuing of cryptocurrencies is not under state and, therefore, operates independent of any state legislation. The first step in transacting using the Bitcoin is to create a user. This requires that a person has an internet connection and the needed software referred to as Bitcoin Client. The kind of software that is used is the open source kind which allows users to vary codes as they please. The Bitcoin Client allows users to make Bitcoin wallets whereby users store their Bitcoins, mine Bitcoins, verify transactions and trade Bitcoins. The process of mining Bitcoins is about verifying the amounts that are being transferred. Each transaction that takes place needs the validation of a minimum of three miners.
Every Bitcoin wallet has a password similar to a login and password. The Bitcoin wallet system does not allow others to know who really owns a wallet since each wallet is represented by a number. The Bitcoin helps eliminate the dilemma of double spending. Each Bitcoin has its own identification and the Bitcoin system ensures that how the Bitcoin has been used since it was created is checked. This helps prevent the use of one Bitcoin to make multiple payments. The main challenge posed by the Bitcoin system is that of anonymity. This goes against the traditional banking know your customer (KYC) rules. The Bitcoin system makes it difficult to know the real identity of the users making it easy to facilitate crimes, such as money laundering and fraud. The anonymity also makes it difficult to prevent illegal practices such as drug trafficking and terrorist activities.
Regulation of Cryptocurrencies
There is no norm on how cryptocurrencies are used. The use of cryptocurrency is an emerging issue that has yet to be well regulated. Regulation of cryptocurrency and the crimes brought about by its use is mainly through state regulation and self-regulation. There is a need for states to regulate cryptocurrencies in order to prevent their abuse. Traditional banking has always been well regulated and cryptocurrency should be no exception. There are not many state laws that address the issue of cryptocurrencies and countries are still attempting to enact some laws to deal with the issues that come with the use of cryptocurrencies.
The United Kingdom government has been trying to regulate the use of cryptocurrencies and in particular Bitcoins. This is especially in the midst of concerns by the government that criminals have taken into using cryptocurrencies to avoid paying taxes to also for money laundering. The Treasury is seeking to regulate cryptocurrencies though the European Union anti-money laundering laws which require that traders should disclose their identities[5]. The use of Bitcoins hides the identity of the users. A criminal can, as a result, use Bitcoins in furtherance of their criminal activities. Each and every state subsequently has to put some rules in place to prevent these crimes.
Self-regulation of cryptocurrencies plays a huge role for the reason that the state regulation is almost non-existent. Self-regulation simply means regulation by the cryptocurrencies industry itself. Self-regulation is quite important since the various cryptocurrencies entities voluntarily form rules that bind them. These rules have to be consistent with state laws. Self-regulation has a high chance of success due to the fact that the entities are the ones who come up with the rules[6]. States and the international community continue to be suspicious of cryptocurrencies. There is, therefore, a need for the cryptocurrencies to come with rules which make them more credible to all. There is also a need for them to come up with rules that will prevent crimes especially electronic crimes
Laws on Cryptocurrency E-Crimes
There are no specific laws dealing with cryptocurrency e-crimes. However, cryptocurrency e-crimes fall under cybercrimes and should, therefore, be governed by the laws that deal with cybercrimes. The UK National Cyber Security Strategy defines a cybercrime as a criminal activity that takes place through an ICT device[7]. For example, these devices can be used to create malware for monetary gains, hacking and distorting data[8]. The main forms of cybercrimes associated with cryptocurrencies are hacking, the disruption of the way a computer functions and fraud. Hacking is the unauthorised entry into computers so as to exploit the safety vulnerabilities for monetary gains[9]. The disruption of the way a computer functions entails creating a malware such as Trojans that interferes with the normal operations of a computer. These cybercrimes are governed by several laws.
First, there is the Computer Misuse Act 1990. This statute deals with offences where computer systems are attacked such as by hacking. Section 2 of the Act provides that it is an offence to access a computer or related devices without authorisation with the intention of committing or aiding other criminal activities. The Regulation of Investigatory Powers Act 2000 also makes hacking illegal. Section 1 of this Act provides that it is an offence to intercept the transmission of any information. The Data Protection Act additionally protects personal information that is obtained through malwares.
Online fraud mainly takes place through phishing and pharming. Phishing refers to disguising fraudulent emails as legitimate so as to obtain information from users[10]. Pharming entails directing users to sham websites so that they can put in their personal details. The Fraud Act 2006 makes it an offence to use such means to acquire personal data for fraudulent purposes.
These national laws need to be supplemented by international law because of jurisdictional issues. Various legal systems have different provisions of cybercrime. The perpetrator may not be in the same jurisdiction as the victim. Additionally, cyber criminals may take advantage of legal systems with the least stringent laws on cybercrimes and conduct their criminal activities there. These are things that the international community took note of and came up with legislative responses. The efforts of the international community to fight cybercrime can be traced back to the Ministers’ Communique that was released in 1997 with a plan to fight cybercrime. The United Nations General Assembly additionally adopted a resolution in 1990 to deal with cybercrimes and other ones in 2000 and 2002 to deal with the abuse of information technology. The International Telecommunication Union (ITU) an outfit of the United Nations also leads the fight against cybercrime. One can also not fail to recognise the role of the Council of Europe in helping fight cybercrime.
The efforts by the Council of Europe can be seen in their drafting of the Convention on Cybercrime in 2001. The Convention is also known as the Budapest Convention. The Convention on Cybercrime can be described as an international treaty that is aimed at harmonizing state laws on cybercrime[11]. The goal of the Convention is to protect the public against cybercrime by taking measures to criminalize and fight it both domestically and internationally. The Convention is divided into three main parts. The first part deals with what are the cybercrime offenses that are to be ratified by the various countries into national law. The second part deals with the procedures that must be followed when investigating cybercrimes or those committed electronically. The third part deals with international cooperation in order to combat cybercrimes. This Convention has been the main international instrument that has been used to combat cybercrimes alongside the ITU and the United Nations Office on Drugs and Crime.
Cases of Cryptocurrency e-crimes
There are several cases of cryptocurrency e-crimes, especially in Japan. The two prominent cases are that of Mt. Gox and Bitstamp hacking. As 2014 began, Mt. Gox was the largest trader of bitcoin with a 70% share of all transactions in the world[12]. By February the same year, they were hacked and lost about 740,000 bitcoins estimated to have a value of 3 billion US dollars[13]. Most of these bitcoins are yet to be recovered to date. Mt. Gox rose to prominence after it was purchased by Mark Karpeles from Jed McCaleb in 2011.
Mt. Gox was first hacked in 2011 but it still rose to prominence as the biggest bitcoin trader in spite of the hack. However, on the 7th of February 2014, Mt. Gox put a stop to bitcoin withdrawals only for it to later emerge that there had been a massive hack at Mt. Gox. After the hack, Mt. Gox filed for bankruptcy and it is still under investigation. Mark Karpeles was also arrested for fraud and embezzlement as it is speculated that he was manipulating the numbers to give the illusion that Mt. Gox had more bitcoin that it actually had. A Russian by the name of Alexander Vinnik was arrested in July 2017 in Greece by United States authorities and was charged with helping launder bitcoins that had been stolen from Mt. Gox[14]. BTC-e, a bitcoin exchange, was also shut down as part of the investigation on the Mt. Gox hack.
Bitstamp is another bitcoin exchange that was a victim of hacking. Bitstamp is based in the UK and it was estimated to be the second largest bitcoin exchange worldwide as of September 2014[15]. Bitstamp was established as an alternative in Europe in response to the dominance of Mt. Gox. Bitcoin withdrawals were first suspended in February 2014 as it was faced with a distributed denial-of-service[16]. It then suspended bitcoin exchange again in January 2015 due to a hack. The speculations are that Bistamp lost 19,000 bitcoins in the hack[17].
There have been other instances of cryptocurrency cybercrimes that are worth being mentioned. The first instance is the hack on Allinvain. Allinvain was the first victim to suffer a major loss due to a hack. Their computers were hacked and 25,000 bitcoins were taken from their wallet[18]. Bitcoinica is another victim of hacking that lost thousands of bitcoins in 2012. Bitcoin Savings and Trust is also known for fraud after it established a Ponzi scheme dealing with bitcoins. There are many other instances of cryptocurrency cybercrimes and in particular hacking that cannot be exhausted. It is in fact estimated that a third of bitcoin exchanges have been victims of hacking and about have of them have been shut down since they started operating[19]. This leads us to the next point that law enforcement operations should be prioritised in dealing with cryptocurrency e-crimes.
Law Enforcement Operations on Cryptocurrency E-Crimes
Law enforcement agencies have been on their toes to deal with cryptocurrency e-crimes. This can be evidenced by the arrest of Alexander Vinnik by the US authorities and the investigations into BTC-e with regards to the Mt. Gox hack. In January 2017, law enforcement agencies from all over the world met in Doha, Qatar[20]. These agencies such as the Interpol and Europol converged to discuss the use of digital currencies to launder money. They mainly debated on how they can prevent crimes that are associated with digital currencies.
Interpol recognises that cyberspace has no borders and, as a result, makes it difficult for police forces to carry out investigations on cybercrime. Interpol consequently helps its member states to share information on cybercrimes that have occurred. It also assists coordinate investigations among member states. Europol also coordinates efforts in the European Union to help combat cybercrime. Local police have also not been left behind. The UK police are currently being trained on how to hack so that they can learn to catch cyber criminals[21].
Private bodies such as the Anti-Phishing Working Group (APWG) have also been at the forefront of fighting cryptocurrency cybercrime. The APWG is a global organisation that deals with electronic crimes. In a conference that the APWG held in 2015, there was a resolve that they would deal with the risks brought about by the use of cryptocurrency[22]. They also created a forum to fight cybercrimes associated with cryptocurrencies. This move was informed by the Mt. Gox hack and the attack on Bitstamp. The APWG is the main private body that deals with cryptocurrency e-crimes. It works alongside the various governments law enforcement agencies of countries all over the world.
Analysis and Discussion
The use of cryptocurrencies has been on the rise ever since they were introduced to the market. The main cryptocurrency that is being used is the Bitcoin. The use of cryptocurrencies does not fall under the traditional financial institutions regulations. This has created a conducive environment for criminal activities to thrive. For example, the use of Bitcoins hides the identity of the user. This has made it possible for money laundering and furtherance of crimes such as trafficking of drugs and terrorism. Additionally, cryptocurrencies exchange is prone to cybercrime seeing as exchange is mainly done online.
The above cases on cryptocurrencies cybercrime point to the fact that there is a need to address this issue. Numerous people have lost their money due to this kind of cybercrimes. People on the web are not well protected. To worsen the matter, cryptocurrencies are not well regulated. It is estimated that a third of Bitcoin exchange have been hacked and nearly half them have been shut down in the last six years[23]. The use of cryptocurrencies has also been susceptible to fraud. For example, several Ponzi schemes dealing with Bitcoins have been created. Mark Karpeles is also under trial on the charge of dealing fraudulently with Bitcoins. Everything mentioned above serves as the evidence of the need to properly regulate cryptocurrencies in order to protect those who deal with them.
Conclusion and Recommendations
Cryptocurrency is a form of digital currency that is created over a public network but not by the government. The creators of cryptocurrencies are more often anonymous and this anonymity is also maintained amongst users. Decentralised cryptocurrencies operate worldwide and have been preferred over centralised currencies since the global financial crisis of 2007-2008. The Bitcoin is the most used cryptocurrency. The use of cryptocurrencies is not well-regulated making it possible for furtherance of criminal activity. Cybercrimes are especially prominent in the use of cryptocurrencies. The main cybercrimes are hacking, fraud, and the interference using malware of how the computer functions. These cybercrimes are governed by several national laws such as the Computer Misuse Act 1990 and the Fraud Act 2006. However, these national laws are not effective due to jurisdictional issues. Most of the times, the perpetrator and the victims of cybercrimes are not under the same legal system making it difficult to enforce national laws. This makes international laws the best way to deal with cryptocurrencies cybercrimes. The international community has been putting in places laws to deal with cybercrime. The main international instrument in use is the Convention on Cybercrime 2001. However, the enforcement of this Convention is limited since not all countries have ratified this treaty. Countries such as China and Russia have been opposed to this Convention thereby impeding the efforts to combat cybercrime. The various law enforcement agencies in the world have also been carrying out operations to fight cryptocurrencies cybercrime. The cryptocurrencies cybercrimes continue to rise and the use of digital currency increases. There are subsequently some recommendations that this paper seeks to put forth on how these cybercrimes can be dealt with.
First, there is a need to know the identity of the users of cryptocurrencies. Criminals have hidden behind the veil of anonymity to steal money from people. Lifting this veil of anonymity would go a long way in reducing cybercrimes. Second, there is a need to vet companies that deal with the exchange of cryptocurrencies. Some companies have been creating Ponzi schemes with the intention of defrauding people. Such companies ought not to be licensed in the first place. Finally, there is a need for the enactment of a uniform law worldwide that deals with cryptocurrencies cybercrimes. Criminals should not be allowed to take advantage of countries with less severe laws to further their crimes.
Bibliography
Alex Bennett, ‘Teaching our police force how to hack like the pros’ (Wired, 12 June 2017) <http://www.wired.co.uk/article/teaching-police-hacking> accessed 11 December 2017
Alex Hern, ‘A history of bitcoin hacks’ (The Guardian, 18 March 2014) <https://www.theguardian.com/technology/2014/mar/18/history-of-bitcoin-hacks-alternative-currency> accessed 11 December 2017
Andrew Norry, ‘The History of the Mt Gox Hack: Bitcoin’s Biggest Heist’ (Blockonomi, 29 November 2017) <https://blockonomi.com/mt-gox-hack/> accessed 11 December 2017
Cambridge Dictionary <https://dictionary.cambridge.org/dictionary/english/cryptocurrency> accessed 11 December 2017
Cara McGoogan and Matthew Field ‘What is cryptocurrency, how does it work and why do we use it?’ (The Telegraph UK, 11 December 2017) <http://www.telegraph.co.uk/technology/0/cryptocurrency/> accessed 11 December 2017
Cryptocurrency Facts <http://cryptocurrencyfacts.com/> Accessed 11 December 2017
Doles Silva, ‘Cryptocurrencies and International Regulation’ (UNICTRAL, 2017) <http://www.uncitral.org/pdf/english/congress/Papers_for_Congress/29-DOLES_SILVA-Cryptocurrencies_and_International_Regulation.pdf> accessed 11 December 2017
Gertrude Chavez-Dreyfuss, ‘Cyber threat grows for bitcoin exchanges’ (Reuters, 29 August 2016) <https://www.reuters.com/article/us-bitcoin-cyber-analysis/cyber-threat-grows-for-bitcoin-exchanges-idUSKCN11411T> accessed 11 December 2017
Kacper Piotrowski, ‘Law Enforcement agencies meet in Doha to debate cryptocurrencies and money laundering’ (EU-OCS, 21 January 2017) <https://eu-ocs.com/law-enforcement-agencies-meet-doha-debate-cryptocurrencies-money-laundering/> accessed 11 December 2017
Michael A. Vatis, ‘The Council of Europe Convention on Cybercrime’ Proceedings of a Workshop on Deterring Cyber Attacks: Informing Strategies and Developing Options for U.S. Policy http://www.nap.edu/catalog/12997.html
Shafi Musaddique, ‘UK Government plans Bitcoin crackdown amid money laundering concerns’ (The Independent, 4 December 2017) <http://www.independent.co.uk/news/business/news/uk-bitcoin-regulation-money-laundering-cryptocurrency-european-union-eu-a8090791.html> accessed 11 December 2017
The Anti-Phishing Working Group, ‘APWG eCrime 2015 Explores Cybercrime Threatening Bitcoin and Cryptocurrencies’ (APWG, 19 April 2015) <https://globenewswire.com/news-release/2015/04/29/729697/10131369/en/APWG-eCrime-2015-Explores-Cybercrime-Threatening-Bitcoin-and-Cryptocurrencies.html> accessed 11 December 2017
The UK Government Website <http://www.cps.gov.uk/legal/a_to_c/cybercrime/> accessed 11 December 2017
World Heritage Encyclopedia, ‘Bitstamp’ World Heritage Encyclopedia Website <http://schoolebooklibrary.org/article/WHEBN0040415793/Bitstamp> accessed 11 December 2017
Citations
[1] Cambridge Dictionary <https://dictionary.cambridge.org/dictionary/english/cryptocurrency> Accessed 11 December 2017
[2] Cara McGoogan and Matthew Field “What is cryptocurrency, how does it work and why do we use it?” (The Telegraph UK, 11 December 2017) <http://www.telegraph.co.uk/technology/0/cryptocurrency/> Accessed 11 December 2017
[3] ibid
[4] Cryptocurrency Facts <http://cryptocurrencyfacts.com/> Accessed 11 December 2017
[5] Shafi Musaddique, “UK Government plans Bitcoin crackdown amid money laundering concerns” (The Independent, 4 December 2017) <http://www.independent.co.uk/news/business/news/uk-bitcoin-regulation-money-laundering-cryptocurrency-european-union-eu-a8090791.html> Accessed 11 December 2017
[6] Doles Silva, “Cryptocurrencies and International Regulation” (UNICTRAL, 2017) <http://www.uncitral.org/pdf/english/congress/Papers_for_Congress/29-DOLES_SILVA-Cryptocurrencies_and_International_Regulation.pdf> Accessed 11 December 2017
[7] The UK Government Website <http://www.cps.gov.uk/legal/a_to_c/cybercrime/> Accessed 11 December 2017
[8] ibid
[9] ibid
[10] ibid
[11] Michael A. Vatis, “The Council of Europe Convention on Cybercrime” Proceedings of a Workshop on Deterring CyberAttacks: Informing Strategies and Developing Options for U.S. Policy
<http://www.nap.edu/catalog/12997.html>
[12] Andrew Norry, “The History of the Mt Gox Hack: Bitcoin’s Biggest Heist” (Blockonomi, 29 November 2017) <https://blockonomi.com/mt-gox-hack/> Accessed 11 December 2017
[13] ibid
[14] ibid
[15] World Heritage Encyclopedia, “Bitstamp” World Heritage Encyclopedia Website <http://schoolebooklibrary.org/article/WHEBN0040415793/Bitstamp> Accessed 11 December 2017
[16] ibid
[17] ibid
[18] Alex Hern, “A history of bitcoin hacks” (The Guardian, 18 March 2014) <https://www.theguardian.com/technology/2014/mar/18/history-of-bitcoin-hacks-alternative-currency> Accessed 11 December 2017
[19] Gertrude Chavez-Dreyfuss, “Cyber threat grows for bitcoin exchanges” (Reuters, 29 August 2016) <https://www.reuters.com/article/us-bitcoin-cyber-analysis/cyber-threat-grows-for-bitcoin-exchanges-idUSKCN11411T> Accessed 11 December 2017
[20] Kacper Piotrowski, Law Enforcement agencies meet in Doha to debate cryptocurrencies and money laundering” (EU-OCS, 21 January 2017) <https://eu-ocs.com/law-enforcement-agencies-meet-doha-debate-cryptocurrencies-money-laundering/> Accessed 11 December 2017
[21] Alex Bennett, “Teaching our police force how to hack like the pros” (Wired, 12 June 2017) <http://www.wired.co.uk/article/teaching-police-hacking> Accessed 11 December 2017
[22] The Anti-Phishing Working Group, “APWG eCrime 2015 Explores Cybercrime Threatening Bitcoin and Cryptocurrencies” (APWG, 19 April 2015) <https://globenewswire.com/news-release/2015/04/29/729697/10131369/en/APWG-eCrime-2015-Explores-Cybercrime-Threatening-Bitcoin-and-Cryptocurrencies.html> Accessed 11 December 2017
[23] Gertrude Chavez-Dreyfuss, “Cyber threat grows for bitcoin exchanges” (Reuters, 29 August 2016) <https://www.reuters.com/article/us-bitcoin-cyber-analysis/cyber-threat-grows-for-bitcoin-exchanges-idUSKCN11411T> Accessed 11 December 2017