Cryptocurrency Fraud , Fraud Management & Cybercrime

Illicit Crypto Activity Detected By US Treasury Department

US Cyber Official Warns of Potential Russian Cyberattacks
Illicit Crypto Activity Detected By US Treasury Department
Nellie Liang, undersecretary for domestic finance at the U.S. Department of the Treasury (Photo: Brookings Institution via Flickr/cc)

War in Ukraine has raged for nearly a month. Cyber offensives have slipped into the digital underground. Economic sanctions have hobbled Moscow. Economists and foreign policy experts have long warned that Russia could resort to blockchain-enabled transactions to either funnel oligarch money or attempt to revive its economy.

See Also: Mobile App Friction Report: Crypto Edition - Onboarding

Prospects of the latter are limited, officials have said, but now the U.S. Department of the Treasury is reportedly warning that it has detected a rise in the use of digital assets for illicit transactions since Feb. 24 - when the Ukraine invasion began.

Nevertheless, the Treasury official says, the volume is too insignificant to aid Moscow in skirting the United States' designations against Russian banking, its oligarchs and high-ranking officials, and oil exports, among others.

Treasury's comments came on Friday from Nellie Liang, undersecretary for domestic finance, who told the news service Reuters that the crypto assets being transferred cannot power an economy and that Russia lacks sufficient infrastructure and rails to effectively - and swiftly - pivot to cryptocurrencies.

According to the same report, Liang said: "The transaction size we've seen is fairly small. Of course, we recognize we may not see everything, but there is a fair amount of oversight. At this point, we just don't see that it could be used in a large-scale way to evade sanctions."

Liang also told Reuters: "While it's growing because the use of crypto is growing, its share as a medium for illicit finance is not anywhere as large as just using cash."

Steps Forward

President Joe Biden's recent executive order on cryptocurrencies attempts to align related U.S. policy with that of its allies - another effort to unify Western governments and improve their enforcement capabilities (see: President Joe Biden Signs Executive Order on Cryptocurrency).

In fact, the new directive establishes a national policy across six different areas, including illicit finance and U.S. leadership in the global financial system.

The order directs the interagency to develop related policy recommendations, tasks the Federal Reserve with continuing its research into the U.S. digital dollar and requires the Treasury Department to produce a report on the future of money and payment systems, among other measures.

It follows previous enforcement actions - including exchange sanctions - from the Treasury Department, recent analysis on stablecoins from the President's Working Group on Financial Markets, record asset seizures conducted by the Department of Justice, and more.

Fear Among Lawmakers?

Despite assurances from the community that Russia's G-20 economy cannot simply "switch" to crypto, lawmakers continue to express concern about the potential abuse of blockchain technology.

In a related hearing of the Senate Banking, Housing, and Urban Affairs Committee last week, Committee Chairman Sherrod Brown, D-Ohio, noted that "crypto can be used … to commit crimes, facilitate illicit finance, terrorism and other forms of criminal activity, and threaten our national security" (see: Banking Committee Chair: Crypto Can 'Endanger Security').

Brown said that "bad actors around the world - hackers, scammers, drug traffickers, terrorist groups and [authoritarian] regimes - have sought digital assets to facilitate their crimes and intimidation."

Sen. Elizabeth Warren, D-Mass., a longtime critic of the lax cybersecurity and price volatility associated with cryptos, argued on Thursday, however, that while Russia may not be able to "evade all sanctions by moving its assets into crypto," the assets are a workable option for Putin's oligarchs trying to "hide a few billion dollars."

During the hearing, she formally introduced related legislation - the Digital Asset Sanctions Compliance Enhancement Act - which would discourage foreign crypto firms from doing business with sanctioned Russian elites.

The legislation would provide the Biden administration with authority to suspend transactions with Russia-linked crypto addresses. It would also require U.S. taxpayers engaging with offshore transactions greater than $10,000 to file a FinCEN Form 114.

Anne Neuberger, the White House deputy national security adviser for cyber and emerging technology

Critical US Warning

Also, on Monday, the White House warned of potential Russian cyber escalation - including targeted attacks against U.S. organizations or infrastructure.

According to The Hill, Anne Neuberger, the deputy national security adviser for cyber and emerging technology, told reporters Monday afternoon: "To be clear, there is no certainty there will be a cyber incident on critical infrastructure. This is a call to action and a call to responsibility for all of us."

She stated that the administration has detected "preparatory activity" and that specific companies have been privately briefed.

In a separate statement, Biden said: "Today, my administration is reiterating those [previous] warnings based on evolving intelligence that the Russian government is exploring options for potential cyberattacks. ... My administration will continue to use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure. ... [And] we need everyone to do their part to meet one of the defining threats of our time."

In a fact sheet issued by the White House on Monday, the administration urges organizations to implement MFA, run tabletop drills, enhance detection capabilities, back up and encrypt data, and focus on other cyber hygiene measures.

Anonymous hacker in an image courtesy of FotoArt-Treu via Pixabay

Anonymous: Cyberwar Continued

While many cybersecurity experts have expressed surprise about the lack of direct Russian cyber offensives - including on Ukrainian infrastructure or Western allies - the nearly monthlong war has not been devoid of strategic hacking.

The international hacking collective Anonymous almost immediately declared all-out cyberwar on Russia when it began the campaign in late February. It later reportedly breached major Russian news agencies and ministries. As recently as last week, the collective reportedly seized CCTV feeds from within Russia and broadcast them with antiwar messaging (see: Russia Says It's Seen 'Unprecedented' Level of Cyberattacks).

This week, the group is reportedly leveraging a printer flaw to send targeted messaging. According to what is believed to be an Anonymous-controlled Twitter handle, the group wrote: "We are #Anonymous[.] We have been printing anti-propaganda and tor installation instructions to printers all over #Russia for 2 hours, and printed 100,000+ copies so far. 15 people working on this op as we speak. #OpRussia #OpUkraine…"

In a new report from International Business Times, which spoke with an Anonymous hacktivist, the publication says the operation involves printed PDFs with messaging around misdirection from the Russian media.

The hacking group is reportedly helping others install Tor, which enables anonymous communication, to glimpse global news reports.

Anonymous' translated message, in part, reads: "The people of Russia should find horror in Putin's actions."

"Both sides [here] are launching attacks, with one side using nation-state-trained cyber experts and the other using hacktivists like Anonymous to target their enemy's infrastructure," says James McQuiggan, education director for the Florida Cyber Alliance.

McQuiggan, a security awareness advocate for the firm KnowBe4, adds: "What is coming next could be the continual barrage of DDoS attacks like rocket launches against facilities or social engineering to gain access into the networks."

A new report from The Washington Post on Monday says that despite being heavily censored by the Russian government, Russian citizens are increasingly opting for VPN use and the Tor browser to access blocked sites.

Update: March 22, 9:30 a.m. EDT - This article has been updated to include remarks from President Joe Biden on the Russian cyberthreat.


About the Author

Dan Gunderman

Dan Gunderman

Former News Desk Staff Writer

As staff writer on the news desk at Information Security Media Group, Gunderman covered governmental/geopolitical cybersecurity updates from across the globe. Previously, he was the editor of Cyber Security Hub, or CSHub.com, covering enterprise security news and strategy for CISOs, CIOs and top decision-makers. He also formerly was a reporter for the New York Daily News, where he covered breaking news, politics, technology and more. Gunderman has also written and edited for such news publications as NorthJersey.com, Patch.com and CheatSheet.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.