Chainalysis Fights Fraud in the Cryptocurrency World
Table of contents
The old adage “follow the money” merits some caution in times of market mania. When notable venture capital firm Andreessen Horowitz recently announced a $2.2 billion blockchain/cryptocurrency fund, it raised some eyebrows. Surely these technologies must have loads of potential if these thought leaders are investing so much time and money into this space. Then you read some of the drivel being peddled by their “creator economy” advocates and you realize that not everything they touch will turn to gold.
Fresh funding flowing into the crypto space often gets allocated to business models that aren’t easily understood. If a business model is so complex that it takes an entire afternoon to understand, it’s not worth looking at. And we’re not buying the old “it’s just too technically complex for your feeble mind” argument. Every great success story out there has been one that is easily understood. Today, we’re going to talk about a cryptocurrency pick-and-shovel business model that’s very easily understood.
Cryptocurrency and Ransomware
“Bitcoin and other cryptocurrencies made it possible to extort huge ransoms from large companies, hospitals and city governments,” says an article by political commentary site NPR. You’re probably familiar with how a ransomware attack works because they’ve been all over the news. From meat processing plants to oil pipelines, companies across the globe are being owned by hackers who are often paid off to go away because a multi-million-dollar ransom is often cheaper than allowing a business disruption to continue.
The problem is a lot worse than what’s being reported since many organizations won’t report ransomware attacks because of the bad publicity. Prior to the advent of cryptocurrencies, it wasn’t possible to get a company to pay you money using a method that was instant and difficult to trace. The rise of ransomware is a side effect of the popularity of cryptocurrencies with companies of all sizes being attacked. This is reflected in the average ransom paid which is – while increasing – still surprisingly low.
Tracking down who is responsible for any given ransomware attack can be extremely difficult given the anonymity afforded to cryptocurrency users. And that’s where Chainalysis comes in.
Founded in 2014, New Yawk’s own Chainalysis has taken in just over $366 million in disclosed funding from a long list of investors including Techstars, Sequoia, and private equity firm Blackstone Group. The majority of that funding came in the form of two $100 million dollar rounds – a Series D (Mar 2021) and Series E (Jun 2021) – that closed within months of each other, giving Chainalysis a $4.2 billion valuation. A large driver for the firm’s rapid growth appears to be the recent surge in ransomware that’s lined the pockets of criminals to the tune of over $400 million last year.
The above chart was taken from a report published by Chainalysis titled “Ransomware 2021” which talks about just how sophisticated these operations can be. Ransomware as a service (RaaS) is a model where attackers known as affiliates “rent” usage of a particular ransomware strain from its creators or administrators, who in exchange get a cut of the money from each successful attack affiliates carry out. Some cybercriminals even employ professional negotiators to extract the maximum amount of money from their victims. The only way to stop such an operation is by following the money.
Chainalysis has built the world’s most comprehensive cryptocurrency investigation and transaction monitoring solutions which cover 90% of cryptocurrency economic activity. Tracing how the money flows can uncover relationships between bad actors so they can be stopped. The Biden Administration’s recent commitment to improve information-sharing between the U.S. government and the private sector on cyber issues bodes well for Chainalysis and helps explain why they’re raising funding so rapidly. The ransomware problem is incredibly difficult to solve for a number of reasons.
A Tough Problem to Solve
A few years ago, we visited Moscow to meet with the most elite cybercrime fighters on this planet. At Group-IB, lie detector tests are required as a condition of employment to prevent bad actors from accessing their platform and learning how cybercriminals are being monitored using threat intelligence methods. Turns out Russia is where much of these ransomware funds are flowing – and also ‘Murica.
Because ransomware is a global problem, governments – primarily USA and Russia – need to start working together to solve it. Geopolitical tensions make this difficult. Another problem lies in the third-party tools that cybercriminals use to carry out their devious antics. If you’re providing a software tool that has use cases that are both legitimate and malicious, how do you keep the bad guys from using it? Again, the answer is probably to increase transparency.
A Regulatory Solution
Another problem that organizations face is how they go about managing regulatory risk. The United States has now said that “ransomware victims and those who facilitate payments on behalf of victims can be found in violation of sanctions.” This puts victims in a very tough spot, and they may choose to go even more silent. A better solution is for governments to allow companies to pay ransoms so that Chainalysis can then track down the criminals and
Navy Seals can go cut their nuts off they can be reprimanded by their country’s justice system with the money being promptly returned to the payor in all cases. Last month, the Justice Department announced the first case where a task force was able to claw back money from a ransomware attack (Colonial Pipeline) with the FBI recovering most of the ransom that Colonial Pipeline paid to ransomware attackers last month ($4.4 million out of $5 million). This task proved to be remarkably difficult, and it’s not expected to be the norm anytime soon.
So Much for Transparency
The whole idea behind decentralized cryptocurrencies was that users could conduct transactions without being controlled or regulated. Turns out that’s now more of a curse than a blessing, though unsurprisingly Andreessen disagrees with that assessment. Solutions being provided by Chainalysis to combat malicious use cases for cryptocurrencies by increasing transparency also serve to undermine the benefits we’ve been hearing so much about. Still, it’s hard to see how the rapid growth of ransomware can be thwarted without some traceability and controls in place. Hunting down the individuals responsible for these attacks and punishing them to the fullest extent of the law will send a message to other “affiliates” dabbling in this stuff.
Looking Beyond Ransomware
While we’ve largely focused on the ransomware application, the Chainalysis platform extends beyond use cases involving fraud. Last month, the company launched a new market intelligence subscription product to meet the demand for cryptocurrency data and insights from financial institutions.
If crypto is here to stay, then providing what the financial world calls “market data” for cryptocurrencies is a critical function. (There won’t be a need for “fundamental data” because cryptocurrencies actually have nothing of value attached to them except a greater fool who is willing to take the other side of a trade.)
a16z crypto has more than $3 billion under management across three funds, investing in crypto companies and protocols. They’re almost certain to be betting on whatever final manifestations crypto succeeds at. Solutions like Chainalysis are emerging as obvious winners because they’re a prerequisite to widespread cryptocurrency adoption. The question is if the winners will present sufficient returns to outweigh the losses from all the inevitable failures that accompany any technology that is too complex for most investors to explain.