As cyber threats and online criminal activities continue to become more sophisticated, it is essential to understand the complexities of the digital world and how the latest advancements in crypto forensics can help combat cyberterrorism.
Cyberterrorism is unlawful attacks and threats of attacks against computers, networks, and information stored in them with the aim of intimidating or forcing a government or its people to promote political or social goals and can lead to severe economic losses [1]. These attacks are aimed at state authorities, corporations, and critical infrastructure. Cyberterrorists can obtain sensitive information.
Cryptocurrency began in 2009 as a method to decentralize currency and avoid the regulation of governments and banks. It is a digital currency that provides anonymity, peer-to-peer transfer capacity, and an open-source facility [2]. It is also monitored by a blockchain which serves as a secure ledger of transactions. Cryptocurrency makes it easier for embezzlement of illicitly-obtained funds and financing of terrorist activity. In 2019 Bitcoin was reported as being involved in roughly $80 billion of illegal activity annually [2].
Billions of dollars are exchanged daily in the crypto market. This market attracts individuals such as money launderers, terrorists, hackers, drug traffickers, and other sellers of illicit materials.
Anyone with a computer and internet connection can participate in lending, borrowing, staking, and trading cryptocurrencies just like in traditional finance. They benefit from the crypto’s ability to protect the identity of its users while allowing them to clean and funnel dirty money back into the financial system [3]. When computer crimes such as these occur financial systems require urgent intervention from forensic examiners to recover stolen funds.
Crypto forensics is a relatively new field that is constantly evolving to keep up with the latest trends in cybersecurity. By understanding how crypto forensics works, forensic analysts can arm themselves with the knowledge and tools needed to identify and track down those responsible for even the most complex and sophisticated cyber-attacks.
Cryptocurrency forensics involves both tracking and interpreting the flow of cryptocurrency assets on the blockchain [3]. Although, this data is publicly available many wallet addresses and transactions need to be deciphered, assessed, and interpreted in every case to properly track the flow of funds and report on it accordingly. Cryptocurrency is anonymous, but things can still be traced with crypto forensics.
Digital forensics software provides the tools needed to conduct a more detailed analysis of these transactions. The software can be used to track browser history searches, for addresses or crypto transactions, which can help with investigations [4]. Analyzing system or user artifacts, such as password vaults, static text files, notes files, or encrypted archive files, can assist in unlocking the wallets/addresses of interest. Artifacts such as wallet.dat files or wallet software could help recover funds and/or piece together crypto transactions.
All of these details and clues can be obtained with the proper computer forensics software. Cyberterrorism can cause corporations and governments billions of dollars and they can do it from devices such as a Mac computer or Windows.
ADF’s Digital Evidence Investigator software tool can collect forensic artifacts from Windows and macOS (including T2 and M1 chips). It can conduct Mac forensics and scan all available Mac computers with all types of encryption and virtual drives by running a remote agent that communicates with the desktop application. ADF’s computer forensics tools can be used to search for cryptocurrency traces. These traces are significant as they leave behind evidence for examiners and investigators to follow a suspect’s activity.
Users can search and collect emails including MS Outlook, Windows Mail, Windows Live Mail 10, and Apple Mail. Investigate attached devices, live powered-on computers, boot scans from powered-off computers, forensic images, the contents of folders, and network shares.
When it comes to cyberterrorism, crypto finance, and more, there is no shortage of issues we need to address. This is of particular importance to law enforcement agencies who work around the clock to ensure the safety of their communities.
Efficiently and effectively investigate cyberterrorism and cryptocurrency transactions.
