Most of the internet today, known as Web2, is owned by companies. They control the majority of websites, data and profits. But many experts believe that the blockchain is enabling a revolution toward Web3: a decentralized internet owned by individuals and communities of users, in which they will control their data, content, privacy and profits.
While this sounds like a utopia for content creators and grassroots investors, it also creates an opportunity for criminals and terrorists to exploit an unregulated, anonymous and decentralized landscape. Despite the recent volatility in the cryptocurrency market, which has seen the value of numerous cryptocurrencies decline sharply, most experts agree that blockchain technologies and cryptocurrencies are here to stay, and mainstream adoption will continue to expand. Here’s what law enforcement and security organizations need to know to protect the public.
What is the blockchain?
The foundational technology of Web3 is the blockchain, a distributed public ledger that records information, including cryptocurrency transactions, non-fungible token (NFTs) and smart contracts. Information is maintained using a network of decentralized nodes, which require a consensus to add new records.
Every blockchain transaction and its associated metadata is recorded on the public ledger with the information being publicly available, but the identities of transaction makers are anonymous. The anonymous and unregulated nature of the blockchain and the applications of its technologies invite a variety of illicit activity.
Cryptocurrencies: Enabling criminality
The first applications implemented on the blockchain were cryptocurrencies, like Bitcoin, Bitcoin Cash and Ethereum. These monetary alternatives leveraged the main features of the blockchain to create an alternative to standard financial systems: a currency that is decentralized, fast, global and pseudo-anonymous.
Crypto is exploited by illicit actors in many ways today: as a means to sell and trade illegal goods in dark marketplaces, a method to launder money, a way of funding terror campaigns and a form of payment for ransomware campaigns. These are just the tip of the iceberg of known illicit activities based on cryptocurrencies.
NFTs: A new tool in money laundering
An example of a non-fungible item is a baseball card with a unique serial number and value which cannot be replaced. This is different from a fungible or interchangeable item, such as a one-euro coin, which can be replaced with another one-euro coin with no distinction in any parameter such as value or look.
An NFT is a one-of-a-kind token that represents ownership of a digital asset, and it is verified by blockchain technology. Whereas cryptocurrency might be analogous to fiat currency, an NFT is like a property deed. Instead of a home registered with a municipality’s title office, an NFT is a digital asset registered on the decentralized blockchain.
NFTs are often used in money laundering, such as in the case of wash trading, in which one party or colluding parties buy and sell an asset to manipulate the market or launder money. Due to the pseudo-anonymous nature of the blockchain, one can use multiple wallets to make a transaction appear to be between multiple parties. This tactic is popular in money laundering, since the same individual or company can create an NFT and sell it to himself, declaring the funds to be legal.
The next step: Web3
Today’s internet is centralized, with the vast majority of data and servers owned by large tech companies. Web3 is the decentralized evolution of the internet that uses blockchain technology to enable applications, platforms, data and more. A decentralized internet is effectively “owned” by the users themselves and will be facilitated by the natural integration of cryptocurrencies and NFTs in every platform and application, such as Decentralized applications (Dapps), decentralized autonomous organizations (DAOs) and metaverses.
Decentralized applications: An anonymous way to do business
Dapps are applications that run on the blockchain instead of centralized servers. Today’s standard apps are owned by companies, with data and servers controlled by a single entity. Dapps are open source, decentralized and employ blockchain technology to validate the data and actions.
An example of a type of Dapp may be a crowdfunding application that leverages decentralized characteristics. In this instance, the Dapp provides an anonymous and trusted way to donate money and trace funds without centralized control.
In today’s Web2 world, donations are generally made though nonprofit organizations that are registered with local authorities, hold bank accounts and report donations in tax returns or through crowdfunding websites such as GoFundMe that are run by private companies. Bad actors, like terror organizations, who wish to elicit donations within a traditional framework, might need to orchestrate fake bank accounts, shell companies, money laundering operations, or else they are forced to work entirely with cash. Working within a decentralized application structure is a quicker, less risky way to collect donations anonymously.
Decentralized autonomous organizations: Automating illicit activities
A DAO is constructed with a set of rules built on top of the blockchain. It is member-owned, without centralized leadership or hierarchy. Automated decisions of the organization are made by smart contracts and token-based voting.
DAOs can be legitimate businesses, like the venture fund Metacartel, which employs automated rules to pool capital, vote on investments and distribute proceeds to members. DAOs can also be used for illicit activities, such as illegal gambling. In this case, a DAO may have embedded rules that enable anonymous users to buy tokens and place bets, and the DAO can automatically distribute winnings and associated fees. These activities can run globally, with no monitoring by regulatory agencies, and may be conducted on users’ smartphones.
Metaverse: A new forum for crime
The Metaverse is a virtual world that is facilitated by virtual and augmented reality. Essentially, it is a series of decentralized and interconnected open-source platforms built on top of the blockchain that employ ecosystems based on cryptocurrencies and NFTs to facilitate trade and ownership. Such ownership can be independent of companies or larger entities. This new framework may inspire entirely new waves of crime, such as ransomware attacks on individuals to lock or steal personal data, NFTs, cryptocurrency or accounts.
Summary
As the applications of blockchain technology become more mainstream, they will continue to be exploited by criminals, necessitating proactive measures by law enforcement agencies and security organizations. While bad actors can capitalize on the anonymous and decentralized nature of these technologies, law enforcement agencies can leverage the blockchain’s open ledger and public data to follow the money trail and expose suspicious transactions – if they are armed with advanced blockchain analytics technologies that help them monitor the blockchain, detect illicit activity and de-anonymize bad actors.