Terrorism is highly dependent on cash flows for the purchase of everything from munitions and supplies to domains and pamphlets. Traditionally, one of the more challenging aspects of organizing international terrorist activities is rooted in financial transactions. The transfer of money around the world has, in the last decade, fundamentally changed the way terrorist organizations raise money to support their activities. Digital currencies like e-gold, Bitcoin, Peercoin, and Dodgecoin provide complex yet efficient mechanisms for the transfer of funds, as well as the decentralized collection of donations in a more anonymous manner than conventional banking transactions. There is sufficient evidence to suggest that terrorists are considering and, in limited instances, using digital currencies such as Bitcoin to finance activities.[1] While these tools have gained in popularity, in recent years their expansion into various terrorist organizations has been slow and deliberate and has not matched pace with transnational criminal uses of these same technologies.

For the purposes of this article, the term “terrorist organization” does not include the hacktivist community, which has already demonstrated widespread utilization of these technologies. Here, the term is limited to “international terrorism” as outlined in 18 U.S.C. § 2331 – Chapter 113B. This definition is an important caveat as it frames the scope of the analysis to a specific community of actors and acknowledges that the use of these technologies has been demonstrated and documented by other actors contained within a broader definition of terrorism.

This article is designed to demonstrate the advantages and limitations of the use of digital currencies by illicit actors, specifically jihadists. Focus is placed on the technological problems posed to terrorist organizations in leveraging these currencies, as well as the benefits associated with their use. Furthermore, this analysis demonstrates, in brief, the technical challenges faced by law enforcement and intelligence agencies engaged in anti-money laundering (AML) and countering the financing of terrorism (CFT) endeavors.

Shortcomings in the Old Way of Doing Business
The U.S. Department of the Treasury and other government agencies recognize that terrorist organizations use a variety of methods to launder and finance terror activities. Two traditional methods that terrorist organizations have used for the financing and laundering of funds are traditional Hawala networks and conventional international banking.[2] While the possibilities for financing terrorism extend to a wide array of methods ranging from robbery and narcotics to ransom and smuggling, it is valuable to limit the scope for analytical purposes to examining the functional and legal/regulatory challenges associated with digital currencies in the context of these historical terrorism financing methods.

A great deal of emphasis has been placed on both of these financing typologies. In the case of Hawala networks, the Department of the Treasury has provided extensive reports on their use to finance terror and launder money across borders.[3] These networks implicitly rely on the trusted relationships of brokers within the network. While these traditional networks are efficient and difficult to track for transferring money from point A to B, they are at the same time inefficient for the decentralized collection of funds from multiple sources and the disbursement of those funds to single or multiple geographically dispersed end points. The limits imposed by a trust-based network constrain the dynamic collection and disbursement of funds within a terror network and slow down the process of funding, planning, and implementing attacks.

In contrast, conventional banking systems using ISO 9362 (SWIFT-BIC)[4] or other modern commercial banking protocols/standards are efficient modes for conducting international financial transactions. The challenge here for terrorist groups is that these systems adhere to strong regulatory frameworks within codified national and international agreements such as those developed by the Financial Action Task Force (FATF).[5] The use of conventional banking systems unnecessarily exposes terrorist organizations to oversight by banks, law enforcement, and intelligence officials, which threatens their operational security.

In summary, the traditional option of Hawala and the conventional option of international banking pose unique risks for terrorist groups engaging in international financial transactions. The literature on AML/CFT efforts in these two areas is extensive.[6] However, partly due to its novelty and partly due to its complexity, the evolving world of digital or crypto currencies like BitCoin and their impact on AML/CFT has been given substantially less attention.

Beyond Convention and Tradition: New Methods for Financing Terror
Much of the literature to date has focused on the functional aspects of crypto currencies and a narrow subset has focused on the practical implications of alternative pathways for financial transactions at both the national and international level. Two recent cases have elevated the role of digital currencies in the AML/CFT research space. The first major incident was the investigation, takedown, and indictment of Liberty Reserve and its founder. Liberty Reserve was a Costa Rica-based digital currency founded in 2006 and the successor to several digital gold currencies.[7] The second incident, also culminating in 2013, was the investigation and takedown of Silk Road, an illicit online market functioning within the “Deep Web.”[8]

Liberty Reserve functioned similarly to a conventional bank with a central ledger of transactions. However, Liberty Reserve embedded tacit anonymity by deliberately failing to mandate account holder validation. In other words, people who opened accounts were not required to provide any of the basic personally identifiable information that a conventional bank would require to conduct financial transactions. This tacit anonymity hid Liberty Reserve account holders’ activities from legal and regulatory oversight by law enforcement and intelligence agencies.

Liberty Reserve added to the tacit anonymity of its users by requiring all users to deposit and withdraw funds from third-party “exchangers” to eliminate a direct paper trail to Liberty Reserve. The central objective was to avoid U.S. and international law and in the process create a black-market banking system. For terrorist groups, the global reach of Liberty Reserve combined with its ability to avoid revealing regulatory practices presented a solution to the problems associated with more traditional banking.[9]

Silk Road, unlike Liberty Reserve, was not a financial institution, but rather a commercial marketplace equivalent to an Amazon or Ebay for illicit merchandise.[10] The marketplace made possible the sale of everything from narcotics to weaponry. Similar to purchasing a book on Amazon, customers of Silk Road could purchase drugs and guns from a variety of private sellers, all of whom connected anonymously to the market and all of whom used a digital currency to engage in transactions.[11] The site was accessible only to users of Tor[12] and conducted financial transactions through an emerging digital currency called Bitcoin (BTC).

Silk Road would not have been as successful at illicit e-commerce if it used credit cards and bank accounts which tie users to their transactions conducted in the deep web. To maintain the anonymity of the marketplace beyond access through Tor networks, the site relied on Bitcoin, a secure, non-trust-based currency. Using third-party money “exchangers” would have been inefficient and limited the ability to engage in rapid e-commerce transactions. If Silk Road had used a service such as Liberty Reserve, every user would have had to register with Liberty Reserve and one or more third party “exchangers” willing to convert Liberty Reserve currency. To engage in any given transaction, currency would have needed to be converted or transferred at least three times.[13] To overcome this problem, the site leveraged a new digital currency type that had only been conceptualized a year earlier.

Bitcoin[14] was designed to eliminate the need for trust through mathematical proof of work. Trust and the ability to ensure the security and reliability of transactions are crucial to sustained iterative commerce. The ability to ensure trust in a digital currency was a major turning point that has largely facilitated the success of Bitcoin. Although Bitcoin was not designed with anonymity in mind, its construction provides anonymity to its users as evidenced in the 2013 indictment of Silk Road founder Ross Ulbricht.[15] All conventional Bitcoin transactions are transparent and by design open for all participants in the Bitcoin network to view. In other words, every transaction ever conducted in Bitcoin is recorded and distributed to every other user in the network. Instead of providing anonymity for transactions, Bitcoin’s structure facilitates anonymity through the absence of personally identifiable information (PII) linking sellers and buyers to transactions through the use of public and private key pairs, as will be examined in more detail below.

Because each transaction is the result of a hash-based (mathematical) proof-of-work requiring significant computational power, it is probabilistically unlikely that any one user can double spend any given Bitcoin. The ability to double spend was a fundamental problem associated with early concepts of digital currencies, as the validation process might make it possible for an individual to essentially purchase things from two different vendors using the same currency value at the same time without either vendor knowing that the money used to purchase a good or service had already been spent.

Since there is no central oversight mechanism like a bank or in the case of cash, physical currency, the creators of Bitcoin minimized potential manipulation of the system by creating a mathematical means to ensure the validity of each transaction in relation to the balances present in a consumer’s account. Therefore, because every user in the network has a record of all transactions, it is highly unlikely that any given user can spoof (falsify) transactions so long as the majority of ledgers in the network indicate a transaction has occurred. This creates a non-trust-based verification that provides every user with knowledge of every transaction that has ever taken place since Bitcoin started in 2009. While the transactions themselves are not hidden, the individuals engaged in the transactions are largely anonymous.

Even though Bitcoin users do not provide any direct PII, they are not completely anonymous. Users can be tracked by a careful examination of transactions, primarily by analyzing the repeated use of specific public keys that direct funds for payment. Investigators can use technologically advanced analytical techniques to map user transactions across the network and pair them across datasets to find individual network users.[16] Essentially, constructing a pattern of behavior based on transactions can reveal tremendous amounts of information about a user, to include where they shopped, how much they spent, the frequency of transactions, and any transactions with a party that collected PII.

These discovery techniques are time-consuming and imperfect, but have been successful in reducing the anonymity of Bitcoin users who use the same public key for multiple transactions. Similarly, analysts use these techniques to reduce or remove the anonymity of users who use multiple sets of public keys to complete transactions in an attempt to maintain anonymity.[17] This can provide an opening for law enforcement and intelligence agencies to use amateur users (who either donate to or receive funds to plan and engage in terror activities) through Bitcoin to deconstruct a network.

Buyers and sellers using Bitcoin can enhance their anonymity by changing their public keys associated with various transactions. This is the equivalent of using a different credit card number for every single purchase a traditional consumer might make. Additionally, new services such as Dark Wallet propose to enhance the anonymity of transactions by allowing illicit transactions to digitally “piggyback” on non-illicit transactions, creating a single transaction that obfuscates both.[18] These new services, combined with tools such as Tor, can significantly enhance the probability of engaging in anonymous transactions online using Bitcoin.

While novice participation in Bitcoin is relatively straightforward, the maintenance of high levels of anonymity on Bitcoin requires substantial effort and technical skill. Amateur jihadist use of Bitcoin poses a technical problem for the widespread use of Bitcoin by terrorist organizations. The amateur (non-anonymous) use of Bitcoin by a participant in a network can reduce the anonymity of all network transactions. Novice users could provide a point of origin for intelligence and law enforcement agencies to begin work on deconstructing a terrorist finance network. Specifically, the more transactions made to a single or set of public keys, the less likely it is that the parties involved will maintain anonymity in a distributed funding or donation network. Unless terrorist organizations can sufficiently educate all members that use crypto currencies to do so at a very high level, the use of these networks may leave the overall organization vulnerable.

Jihadists Discuss Crypto Currencies
Individuals interested in jihad seem to be paying attention to this complexity and have posted YouTube videos, discussions links, and links to research on the anonymity of Bitcoin on various discussion boards.[19] These same individuals have spent time and effort to discuss the problems of financing associated with jihad. One user even explicitly writes about the potential to purchase weapons and ammunition and the ability to exchange digital currency for hard currency. Yet despite this optimism, the same user goes on to discuss the level of technical expertise required by users to engage in financial transactions using Bitcoin.[20]

These forum discussions are important in the context of AML/CFT research as they highlight a deliberate effort on the part of individuals associated with jihadist movements to understand a new and evolving technology to raise money for terrorist activities. While these discussions indicate an asymmetry in the level of knowledge between more technical jihadists and their less technical counterparts, they also illustrate an effort by more technical members of the community to inform and educate their peers on the proper use of digital currencies. Moreover, there are direct references to using digital currencies to transfer money into countries where conventional or traditional methods of financial transactions are difficult due to a lack of network capacity or surveillance and regulation.

Although some websites affiliated with terrorist organizations have begun collecting Bitcoin donations, this practice appears to be relatively limited. One example would be http://kavkazcenter.com. It is possible that as the technical capacity of these organizations increases, their use of digital currencies will also increase. This increase is likely to be small, however, in relation to overall terror financing through other channels such as hawala, kidnapping, front companies, narcotics sales, oil sales, and many more.

Given the interest that terrorist organizations have shown in leveraging digital currencies, their use of such mediums for conducting financial transactions will only increase in the future. The development of digital currencies poses a long-term challenge to law enforcement and intelligence agencies as the technical skill of their targets and the level of complexity of the currencies available increase.

Yet, because these currencies are all based on the mathematics that serve as the foundation for modern cryptography, it is possible that their use might also offer opportunities for the tracking of illicit behavior. Herein lies the dilemma of using digital currencies. As one person develops a cryptographic algorithm allowing transactions to be more anonymous, another person immediately begins work on solving it to peel back the anonymity. Cryptography is a never-ending mathematical and computational arms race and crypto currencies, such as Bitcoin, are likely affected as better algorithms and more powerful computers are developed.

Both terrorists and governments will likely struggle to leverage these tools to their advantage in the coming years. The main takeaway, however, is that when certain pathways for financing terrorist activities become more difficult, there are increasingly going to be alternative means available to finance terror and launder money as technology and technological skills increase.

Aaron Brantly is Assistant Professor of International Relations and Cybersecurity in the Department of Social Sciences, Cyber Policy Fellow at the Army Cyber Institute, and Cyber Policy Fellow at the Combating Terrorism Center at the United States Military Academy at West Point.

The views expressed here are those of the author and do not reflect the official policy or position of the Department of the Army, Department of Defense, or the U.S. Government.

[1] This has been witnessed by tracking conversations of jihadists within various internet chat rooms and forums.
[2] Hawala – meaning transfer – is a pre-modern financial transfer system that facilitates the conduct of commerce through trusted informal networks.
[3] Patrick M. Jost and Harjit Singh Sandhu, “The Hawala Alternative Remittance System and its Role in Money Laundering,” Financial Crimes Enforcement Network and INTERPOL/FOPAC, 2003.
[4] This system provides unique identification codes for financial institutions. SWIFT-BIC stands for Society for Worldwide Interbank Financial Telecommunication-Business Identifier Codes.
[5] Financial Action Task Force. International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation. (Paris, France: 2013), pp. 1–130.
[6] For a broad overview of the current state of the literature on AML/CFL, see Peter Romaniuk, “The State of the Art on the Financing of Terrorism,” The RUSI Journal, 159:2 (2014): pp. 6-17.
[7]United States of America v Liberty Reserve S.A, No. USA-33s-274 (Ed. 9-25-58), United States District Court, Southern District of New York, May 2013.
[8] “Deep Web” refers to the utilization of Tor networks to encrypt and hide web traffic.
[9] A more detailed analysis of the inner workings of Liberty Reserve is provided in the 2013 Federal indictment: United States of America v Liberty Reserve S.A, 2013.
[10] Kim Zetter, “How the Feds Took Down the Silk Road Drug Wonderland,” Wired, November 11, 2013.
[11]United States of America v Ross William Ulbricht, USA-33s-274 (Ed. 9-25-58), United States District Court, Southern District of New York, February 4, 2014.
[12] Tor is free software that enables anonymity by encrypting and directing internet traffic through a network consisting of more than 5,000 relays.
[13] In contrast, Bitcoin requires only one mathematical proof and any given transaction takes between 10 minutes and 24 hours, far less time than a comparable Liberty Reserve transaction.
[14] In 2008, under the pseudonym Satoshi Nakamoto, a concept paper for a decentralized cryptographic peer-to-peer digital currency was published. The concepts presented in this paper led to the creation of a digital currency rooted in cryptographic proofs (mathematical equations) based on a cryptographic hash (the present block), the hash of the previous transaction (previous block), and what is called a nonce (a generated pseudo random number). Together these form what is called the “block chain.” To ensure there is security of the mathematical proof, each hash can be solved by only one nonce. To complete each stage of the block chain, any given computer in the network must continuously try out different numbers until it finds the correct nonce to complete the segment of the chain. Each segment of the chain is unique and formed by adding the preceding portions of the chain to the current block.
[15]United States of America v Ross William Ulbricht, 2014.
[16] Fergal Reid and Martin Harrigan, “An Analysis of the Anonymity in the Bitcoin System,” in Yaniv Altshuler et al eds., Security and Privacy in Social Networks (New York: Springer, 2013).
[17] Ibid.
[18] Andy Greenberg, “‘Dark Wallet’ Is About to Make Bitcoin Money Laundering Easier than Ever,” Wired, April 29, 2014.
[19] These are some of the links that have been posted on jihadist discussion boards: http://youtube.com/watch?feature=player_embedded&v=Um63OQz3bjo#!, http://bitcoinweekly.com/articles/how-bitcoin-security-works-by-analogy, https://shamikh1.info/vb/showthread.php?t=200037&highlight=bitcoin.
[20] These discussions were posted to the Shumukh al-Islam Network on April 29, 2013.

Stay Informed

Sign up to receive updates from CTC.

Sign up