Digitization is advancing inexorably. More and more areas of public and private life are shifting to the Internet. While the sunny side of digital progress is always generating new innovations for mankind, the dark side is causing more and more reports of cyber attacks, blackmail and digital character assassination campaigns. Law enforcement agencies face a constant cat-and-mouse game. You can find out here which methods investigators use and what role the blockchain plays in this.
A representative PwC survey gives a clear picture. Every year, the auditing company surveys around 5,000 company representatives from all over the world on the subject of white-collar crime. According to 2020 data, almost half of respondents have experienced at least one digital attack on their company in the past two years. According to the survey, the cumulative damage amounts to 42 billion euros.
Cybercrime accounted for around a third of all attacks. The main goals are primarily in the industrial sector, in political or public institutions or in the media and communication sector. Just recently, a ransomware attack on Colonial Pipeline, the largest gasoline pipeline in the USA, made headlines – the blackmailers: inside collected a ransom of 75 Bitcoin.
In addition, companies are increasingly suffering from industrial espionage. The WISKOS project of the Federal Ministry of Education and Research assumes that spying on German companies will result in damage of around 100 billion euros annually.
According to a 2014 report by the Office for the Protection of the Constitution, mainly Russian and Chinese intelligence services are involved in spying on German companies. In 2015, however, the BKA also considered espionage activities from the USA, Great Britain and France to be possible.
Authorities around the world agree that cybercrime is one of the greatest challenges facing law enforcement. That is why international staff is being increased and specially trained. More and more investigators are also relying on blockchain technology. To learn exactly how law enforcement works via the blockchain, it took Cryptocompass talked to Albert Sperl.
Sperl worked for the Austrian Federal Ministry of Defense from 2001 to 2018. Initially, his training focus was on areas such as human intelligence, open source intelligence and social media intelligence. In 2014 this was followed by a specialization in blockchain technologies and cryptocurrencies. In June of this year, Sperl honed his skills with further training at the McAfee Cyber Institute, whereupon he became the first Certified Cryptocurrency Forensic Investigator (CCFI) Austria became. With a handful of business partners, he is currently founding a company that wants to support authorities and private individuals in the fight against cybercrime. The team consists of experienced experts from various military or police fields. The advantage over authorities: You have better equipment and work considerably faster due to flatter hierarchies.
Determine on the blockchain
Nevertheless, the Austrian sees the state authorities already well positioned:
Authorities learn new things with each offense and continue to educate themselves. Unfortunately it is an eternal game of cat and mouse.
The investigation methods in the Internet or Darknet hardly differ from conventional, analog criminal prosecutions, says Sperl. Basically, it is always about building trust in the goals and thus luring them out of cover.
Something similar happens with crimes in connection with crypto currencies. You start with undercover work, but the key to success is monitoring transactions:
All transactions have a start and end point, regardless of whether they are used for legal or illegal purposes. Money can ultimately be traced, whether on an exchange or through personal and business (financial) records.
Cybercrime: Tasks of a CCFI
As a CCFI, DLT is an enormous help for Sperl. By logging the individual transactions, the specialist can understand exactly where specific transfers went. With the help of special software, he is even able to extract the associated wallet. The IT forensic scientist uses the so-called S.ecure-A.analysisP.resent model.
At the beginning, the focus is on backing up the relevant raw data. This is followed by the evaluation and evaluation of the secured information. Finally, in the “present phase”, the respective results are presented visually and conclusions are drawn. Each of the three work steps must always be documented in such a way that a third person can understand them.
Although the recovery of stolen or extorted money is not possible, authorities can provide detailed information on backers to speed up prosecution, says the blockchain forensic scientist.
Buy character assassination campaigns
Sperl currently sees a trend in targeted character assassination campaigns. This type of blackmail comes from the USA and is mainly used in politics. But it is also becoming increasingly popular in business. In this way, for example, unpleasant market participants can be removed from the way or outstanding bills settled.
In this case, it was about a blackmailer who demanded a ransom to stop his smear campaign against two entrepreneurs. Authorities established contact with the person by presenting themselves as interested in the “services”. 500 US dollars would have been enough for a homepage along with false statements about the target person.
More cooperation increases the cybercrime clearance rate
Companies can protect themselves with relatively obvious methods, such as keeping passwords safe or reporting suspicious contact requests. However, there is no blanket formula to protect yourself as a company or private person. It always makes sense to reflect on your own mind, says Sperl.
Basically, it has to be said that if something sounds too good to be true, it is too. Nobody gives anything away on the internet. If you haven’t played anywhere, you can’t have won anything. You should always listen to your gut instinct and your common sense.
The best protection is likely to come from deterrence through a high clear-up rate. In times of pandemic and permanent lockdown in particular, crime on the Internet was extremely popular. The BKA registered around 108,000 cybercrimes in Germany last year. About a third of the cases could be resolved. A similar picture emerges in Austria with a rate of 35.8 percent. In the Colonial Pipeline case study, the overseas authorities were also successful when the FBI was able to secure a large part of the extorted BTC by investigating the blockchain in search of clues.
According to Albert Sperl, the clearance rate is good, also because more and more authorities are adding blockchain specialists to their cyber departments, but the Austrian would like more cooperation between law enforcement authorities and companies.
It is extremely important that law enforcement agencies and private companies work together to investigate and solve cases of internet fraud related to cryptocurrencies. We will only be successful in this area through a targeted exchange of information, new technologies, partnerships and joint training.
This article first appeared in the July issue of our monthly magazine “Kryptokompass”. If you want to find out more about this – you can find all information about the subscription here.