Hackers took down Colonial Pipeline Co., one of the largest fuel pipeline operators in the United States, on April 29. The hackers demanded to be paid in cryptocurrency, more specifically bitcoin, and, as you know, they were. Shortly after the attack, Colonial paid the hackers $4.4 million in bitcoin.
Then, like something out of a Satoshi Nakamoto-inspired Tom Clancy novel, on June 7 the FBI reported the recovery of $2.3 million worth of bitcoin from DarkSide, the Russian-based gang behind one of the most disruptive cyber-heists in American history.
We now know that the Colonial Pipeline attack, which resulted in severe shortages across the East Coast, was the result of a single compromised password. But how did the FBI manage to recover 63 of the 75 bitcoins paid to the Russians?
After all, bitcoin transactions are irreversible. The only way for a person to get their money back is by reaching out to the recipient and politely asking them to return the funds. I am not sure whether or not Colonial personnel tried this, but if they did, one imagines that the hackers weren’t very receptive to the idea. Cybercriminals are known for many things, but the possession of a conscience is not one of them.
Some think the whole ransomware affair is little more than a false flag—a crude ploy to sully bitcoin’s already iffy image. Like Alice, such people have gone straight down the rabbit hole. Perhaps some of you are reading this right now. If so, let me disabuse you of such notions.
Now, should the FBI be trusted? Considering Wikipedia has a whole page dedicated to FBI controversies, perhaps not. Nevertheless, bitcoin can be recovered quite easily, without the need for fantastical narratives. Let me explain.
To understand bitcoin, one must first understand the difference between hot storage and cold storage, or a hot wallet and a cold wallet. The former is connected to the internet; the latter is not. Hot wallets allow for quick transactions, but what they offer in expediency they lack in security. As Investopedia’s Luke Conway writes, “people who are not using enough security when using these hot wallets can have their funds stolen.”
Cold wallets, on the other hand, are far less vulnerable to attacks. These offline (or hardware) wallets store a user’s private key, which is needed to access bitcoin. Which brings us back to the hackers. They opted for hot storage over cold, and the rest, for them at least, is a tale of tragicomedy.
Okay, but how did the FBI access the hackers’ bitcoin?
In the world of crypto, bitcoin gets almost all of the limelight, although dogecoin aficionados have had quite a run, too. Without blockchain, however, there would be no limelight to lust after. With this distributed digital ledger, every single crypto transaction is recorded, whether you happen to be purchasing pizzas or paying criminals exorbitant sums of bitcoin.
For the blockchain, there is a tool called a “block explorer,” which is basically crypto’s answer to Google. This search engine allows users, including FBI officials, to search for very specific information. As crypto journalist Toby Hazlewood writes, “by interrogating the blockchain they were able to track down the location of the Bitcoin address to a rented temporary cloud server hosted in Northern California.” With $2.3 million worth of bitcoin still in hot storage, the FBI obtained a subpoena, seized the server, and recovered the private keys. It was less a tale of FBI ingenuity than it was of sloppiness on the hackers’ part. If all of the bitcoin had been placed in cold storage, then the story would have turned out very differently.
There is a false belief that bitcoin transactions are anonymous in nature; they are not. They are pseudonymous, meaning some form of re-identification is always possible. Transparency, not opacity, is the defining feature of blockchain technology.
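The kind of ledger tracing described above, as an added example that is not part of the original article: it follows a payment forward through a public ledger until the funds come to rest in unspent outputs. The ledger, transaction ids, address labels and the 63/12 split are constructed for illustration (fees ignored), and following every output of a spending transaction is a simplifying assumption.

```python
from collections import defaultdict

# Constructed ledger (not real chain data): each transaction lists the
# outpoints (txid, index) it spends and the (address, BTC) outputs it creates.
LEDGER = {
    "tx_ransom": {"inputs": [("tx_victim", 0)],
                  "outputs": [("addr_ransom", 75)]},
    "tx_split": {"inputs": [("tx_ransom", 0)],
                 "outputs": [("addr_hot_wallet", 63), ("addr_operator", 12)]},
    "tx_move": {"inputs": [("tx_split", 1)],
                "outputs": [("addr_hop1", 7), ("addr_hop2", 5)]},
    "tx_other": {"inputs": [("tx_unrelated", 0)],
                 "outputs": [("addr_bystander", 3)]},
}


def trace_forward(ledger, start_address):
    """Return {address: BTC} for unspent outputs downstream of start_address."""
    # Index every spent outpoint by the transaction that spends it.
    spent_by = {op: txid for txid, tx in ledger.items() for op in tx["inputs"]}
    # Seed the work list with every output that pays the starting address.
    pending = [(txid, n) for txid, tx in ledger.items()
               for n, (addr, _) in enumerate(tx["outputs"])
               if addr == start_address]
    seen, resting = set(), defaultdict(int)
    while pending:
        outpoint = pending.pop()
        if outpoint in seen:
            continue
        seen.add(outpoint)
        txid, n = outpoint
        spender = spent_by.get(outpoint)
        if spender is None:
            # Unspent: the funds currently sit at this address.
            addr, amount = ledger[txid]["outputs"][n]
            resting[addr] += amount
        else:
            # Spent: keep following every output of the spending transaction.
            pending.extend((spender, i)
                           for i in range(len(ledger[spender]["outputs"])))
    return dict(resting)
```

Tracing shows only where funds rest; spending them still requires the private key for that address, which is why the seized server mattered.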
Shortly after the FBI’s announcement, the price of bitcoin fell from around $35,500 to well under $34,000. The idea that the FBI, a government agency, could seize the ransomware payment so easily did not sit well. After all, what occurred undermines the whole idea of bitcoin being free from the tyranny of centralized power networks.
But the truth of the matter is this: nothing and no one is free from the eyes of government officials. Around the world, authoritarianism is on the rise. The idea of privacy as we know it is quickly disappearing. The panopticon’s light shines bright, perhaps brighter than ever before. And the world of crypto is not immune from its penetrating glare. JBS Holdings, the world’s largest meat company, has just forked out $11 million in ransomware payments, also in bitcoin, to a separate group of hackers. Will it be recovered? Probably not, but don’t be surprised if it is.
Jon Rice, the editor-in-chief at Cointelegraph, thinks bitcoin’s traceability is a strength, not a weakness. “Its very traceability,” he told me, “means that Bitcoin is actually a hero, the digital equivalent of the exploding blue paint in a bag full of stolen cash in a heist movie.”
Is bitcoin to blame for the ransomware attacks? Of course not. Ransomware attacks are on the rise, and bitcoin just happens to be the hottest ticket in town. The demonization of bitcoin is easy and convenient for those in power, and as Rice noted, “ransomware attacks provide a useful opportunity to portray bitcoin as a villain.”
The villains, however, are the true villains.
Now, some are calling for a bitcoin ban, a demand that is as absurd as it is unfeasible. With places like El Salvador and Paraguay embracing the digital currency, it matters very little whether or not the United States bans it.
As the economist Jeffrey Tucker told me via email, “art thieves like Vermeer and Picasso. But no one would suggest that the existence of art thieves means that people should not paint.” Bitcoin is an attractive asset for humans, be they criminal or otherwise. There are now 46 million Americans who own bitcoin. Outlawing it is not realistic, nor is it in any way helpful.
It fails to address the elephant in the room, i.e., the chronic underfunding of American cybersecurity. While allocating almost $2 trillion toward military spending, the U.S. government has set aside a budget of just $17.4 billion to deal with cyber threats. Each week, around the world, a thousand different companies and government branches are the victims of ransomware attacks. As technology becomes more sophisticated in nature, this staggering number will only grow in size.
As the aforementioned Hazlewood writes, “to blame bitcoin for the existence of ransomware is naive and a case of scapegoating the currency for the crime.”
He makes a valid point. The first cyberattack occurred in the ’80s, long before cryptocurrencies arrived on the scene. Instead of focusing on the banning of bitcoin, how about regulating it? And, when it comes to ransomware attacks, instead of scapegoating bitcoin, how about putting more energy into fixing America’s shoddy cybersecurity systems? Make no mistake about it, with or without bitcoin, further ransomware attacks are inevitable, and the United States is ill-prepared.
John Mac Ghlionn is a researcher and essayist. His work has been published by the likes of Bitcoin Magazine, New York Post, South China Morning Post, and the Sydney Morning Herald.