Security and Law Enforcement on Crypto Cybercrimes on blockchain
What’s a Blockchain???
A blockchain is a digital concept for storing data. The data comes in blocks, so imagine blocks of digital data connected by a chain. Chaining the blocks together makes their data immutable, i.e., once a block of data is chained to the other blocks by some secure algorithms, its data can never be changed. It will be publicly available to anyone who wants to see it ever again, in exactly the way it was first added to the blockchain. This is a huge leap towards a secure platform, because it allows us to keep records of pretty much anything we can think of without being worried about someone tampering with the records stored on the blocks. One important aspect of the blockchain is that transactions can be done anonymously, which is why the platform is very famous over the darknet.
What is Cryptographic Hashing?
Hashing functions are a primary part of every cybersecurity application and protocol, and of many major cryptocurrency protocols such as Bitcoin and Ethereum.
What’s hashing?
Hashing is a cryptographic method that converts any kind of data into a unique string of text. Any piece of data can be hashed, irrespective of its size. In traditional hashing, regardless of the data’s size, type, or length, the hash produced by any data is always the same length. A hash is designed to act as a one-way function, i.e., one can put data into a hashing algorithm and get a unique string, but if one comes upon a new hash, one cannot decipher the input data it represents. A unique piece of data will always produce the same hash output.
What are Merkle Trees?
Merkle trees are the most important part of blockchain technology. A Merkle tree is a structure that can be used to securely verify data within a large body of data. This structure helps check the consistency and content of the data. Merkle trees are used by both the Bitcoin and Ethereum cryptocurrencies.
A Merkle tree condenses all the transactions in a block by producing a digital fingerprint (message digest) of the entire set of transactions, which enables a user to verify whether or not a transaction is included in a block.
Merkle trees are created by hashing the pairs of nodes over and over until there is only one hash left (also called the Root Hash, or the Merkle Root). They are constructed from the bottom up, from hashes of individual transactions (known as Transaction IDs).
Ethereum
Ethereum is an open source, decentralized blockchain software platform used for its own cryptocurrency, commonly known as ether. Ethereum is the second largest cryptocurrency after Bitcoin. Ethereum uses proof of work consensus, unlike Bitcoin, which uses a proof of stake consensus algorithm.
Ethereum uses three different Merkle Roots in each block:
1. The first root is of the transactions in the block
2. The second root represents the state
3. The third root is for transaction receipts
Ethereum uses a special type of hash tree called the ‘Merkle Patricia Tree’.
What’s the problem?
The anonymous and decentralized nature of cryptocurrencies has turned them into a powerful weapon in the cyberarsenal of national and international criminal groups by facilitating their illicit activities while evading prosecution. However, despite the numerous challenges that the international law enforcement community faces when investigating cryptocurrencies, a number of investigation opportunities do exist.
Criminals use cryptocurrencies such as Bitcoin for various purposes, like money laundering, scamming victims for ransom, and buying illegal goods over the darknet/deep web. For years, reports have also suggested that well-known terrorist organizations such as ISIS or Al-Qaeda were using cryptocurrencies to procure funding.
How do we control these criminal activities?
Although blockchain technology is pseudo-anonymous and behaves like an infinite, immutable, data ledger that houses every single cryptocurrency transaction ever made, it still helps the law enforcement agents trace and follow the money.
For obvious reasons, law enforcers cannot immediately identify the parties involved in a Bitcoin transaction, but they can identify and study patterns in the movement of cryptocurrency to profile and de-anonymize suspects, thereby narrowing their targets.
Law Enforcement Agencies
Law enforcement agencies handle the legal aspects of the transactions while actively collaborating with several specialized firms in the domain, such as Comply Advantage and Elliptic, to identify criminal activities.
Elliptic, based in London, and founded by Tom Robinson in 2013, provides blockchain analysis services. Their primary focus is on preventing money laundering rather than tracking down criminals.
To achieve this, they provide tools to businesses, such as cryptocurrency exchanges and financial institutions, that allow them to screen cryptocurrency transactions for links to criminal activity.
What does Elliptic do?
1 — Helps financial institutes/organizations monitor and understand their vulnerability to crypto.
2 — Traces suspicious payments and helps uncover cyber criminals and crypto crime activities.
3 — Provides expert training on the analysis of cryptocurrency activity.
Advantages of Law Enforcement
One loophole in blockchain is that anyone is able to track all the transactions of a specific Bitcoin address, with records dating back to its first transaction. This enables law enforcement to trace the cash in a way that they could never do before.
Bitcoin is much less anonymous than people think. A Bitcoin address is essentially an account number. If you can connect a person to the address, then you may know all of the transactions that person made.
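The address tracing described above, as an added example that is not taken from any analysis firm's tooling. It assumes a simplified ledger of (txid, sender, receiver, amount) records that treats an address as an account number, as the text does; the addresses and transactions are constructed placeholders.

```python
from collections import defaultdict, deque

# Constructed ledger: (txid, sender, receiver, amount). Placeholder addresses.
LEDGER = [
    ("tx1", "addr_A", "addr_B", 5.0),
    ("tx2", "addr_B", "addr_C", 3.0),
    ("tx3", "addr_B", "addr_D", 2.0),
    ("tx4", "addr_C", "addr_EXCHANGE", 3.0),
    ("tx5", "addr_X", "addr_Y", 1.0),
    ("tx6", "addr_D", "addr_EXCHANGE", 2.0),
]

def history(ledger, address):
    """Every transaction that sent from or paid to `address`, in ledger order."""
    return [tx for tx in ledger if address in (tx[1], tx[2])]

def trace_forward(ledger, start, max_hops=5):
    """Breadth-first walk of outgoing payments; returns {address: hops from start}."""
    out = defaultdict(list)
    for _txid, src, dst, _amount in ledger:
        out[src].append(dst)
    hops = {start: 0}
    queue = deque([start])
    while queue:
        addr = queue.popleft()
        if hops[addr] == max_hops:
            continue  # stop expanding at the hop limit
        for nxt in out[addr]:
            if nxt not in hops:
                hops[nxt] = hops[addr] + 1
                queue.append(nxt)
    return hops

def convergence_points(ledger, start):
    """Traced addresses paid by two or more distinct traced senders.

    Split funds that rejoin at one address are a movement pattern worth
    a closer look, for example a deposit address at an exchange.
    """
    reached = trace_forward(ledger, start)
    senders = defaultdict(set)
    for _txid, src, dst, _amount in ledger:
        if src in reached and dst in reached:
            senders[dst].add(src)
    return sorted(a for a, s in senders.items() if len(s) >= 2)
```

Starting from `addr_A`, the walk reaches `addr_EXCHANGE` in three hops through two separate paths, while the unrelated `addr_X` to `addr_Y` payment never enters the trace.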