Geopolitical Monitoring Report | February 10, 2023

Global

Cryptocurrency Crime Hit Record Levels in 2022, with State-Sponsored Illicit Activities Appear Poised to Increase Further in 2023

Background:

A record-breaking $20.1 billion in digital assets were used in illicit activities in 2022 and 44% of these illicit transactions were done by U.S. designated sanctioned entities – particularly those in Russia – to evade sanctions. The value of the amount of digital assets connected to “traditional” cryptocurrency-related crimes like scams, ransomware, terrorism financing, and human trafficking actually saw declines that are consistent with previous bear markets in the cryptocurrency space.

This fact indicates that state-sponsored or state-approved uses of digital assets to evade sanctions and gain access to funds is now the most significant driver in cryptocurrency crime. In addition, outright state-sponsored crypto theft by North Korea stole between $630 million to over $1 billion worth of digital assets in 2022. These funds likely were used to support their illegal nuclear weapons and ballistic missile programs. 

Impact:

State-sponsored cybercriminals and state-approved sanctions evasion are likely to continue to drive a significant portion of cryptocurrency-related crime in 2023. Countries that are under severe sanctions and lack access to the traditional financial system are likely to continue to be the primary sources of this activity.

Russia and Iran – which are currently under a combined number of 17,676 different sanctions – have even announced that they are considering joint development of their own cryptocurrency aimed at evading sanctions. While this effort is in its infancy, additional nations may look to adopt similar arrangements in the event that Russia and Iran’s effort is successful.

The outright theft of digital assets by state-sponsored hackers and online scammers is likely to continue following the widespread publication of North Korea’s success on this front. Additionally, the isolation of economies of rogue states, like Russia, will likely also add to the increase of these thefts.

This rise of state-backed activity in cryptocurrency crime is also resulting in increased enforcement actions against cryptocurrency platforms that have helped users avoid sanctions and launder illicit funds.  

Mitigation:

Companies and organizations doing business abroad should consider the rise in the use of cryptocurrencies to evade international sanctions when conducting due-diligence on potential business partners and heavily scrutinize any attempts to use cryptocurrency to facilitate international business transactions.

This is especially true for companies that are exploring the use of digital assets as part of their regular lines of business, due to the fact that regulatory scrutiny is likely to increase. For companies in the crypto-space, these recent cryptocrime revelations are almost certainly going to increase regulations on their business activities and will increase their third-party due diligence burden.

Finally, digital platforms should be aware that state-sponsored crypto scammers and hackers that operate on their platform are likely to be far more sophisticated than those in the past. This could require these organizations to integrate third-party open source intelligence monitoring and analysis into their existing security teams. Additionally, while other cryptocurrency-related cybercrime, like ransomware, has decreased significantly since the beginning of the crypto bear market, it is likely that these types of activities will likely resume and have greater state-backing from countries that have been placed under strict sanctions as the market recovers.

Companies and organizations should make sure that they have conducted thorough threat landscape assessments on all of their networks and computer systems to ensure that they are not vulnerable.

About Nisos®

Nisos is The Managed Intelligence Company®. Our services enable security, intelligence, and trust and safety teams to leverage a world-class intelligence capability tailored to their needs. We fuse robust data collection with a deep understanding of the adversarial mindset delivering smarter defense and more effective response against advanced cyber attacks, disinformation, and abuse of digital platforms.