Islamic State’s $3 million bitcoin wallet

Wednesday 18 November 2015

A white-hat hacker group claims that Islamic State has been moving money with bitcoin. What do we make of this?

The terror attacks that took place in Paris saw 130 people killed and hundreds more injured. It came as no surprise when Islamic State claimed responsibility, citing France’s involvement in military action in Syria as the reason.

The proliferation of terrorism has been catalysed by the web. Terrorism effectively now works on a franchise model, with cells loosely affiliated with Islamic State, Al Qaeda and other groups operating on a dispersed basis in locations around the world. Some of their members have experience of fighting in Syria or Afghanistan; the majority are recruited locally or have lived for many years in the countries they attack.


Today's terrorists recruit using social media, communicate with encrypted messaging and, apparently, move money with bitcoin

It is a very 21st century activity. Today’s terrorists recruit via social media, they communicate by encrypted messaging and, at least according to one ethical hacker group, they move money using cryptocurrency.

IS and BTC

Ghost Security Group claims to have identified bitcoin addresses used by IS, stating that they have traced around $3 million in BTC.

Such news should be taken with a pinch of salt until confirmed, because this kind of thing makes for great headlines. As, for example, does the idea that IS use WhatsApp and games consoles like the PS4 for communication, because they both offer end-to-end encryption and are extremely difficult to trace. (It turns out that IS prefer other secure communication tools, and that PS4 doesn’t offer end-to-end encryption.)

All the same, given that IS is quite happy to use cutting-edge tech for their communications and recruiting, it wouldn’t be at all surprising if they also used bitcoin to move money around.

Naturally this prompts a discussion about government clampdowns on end-to-end encryption and borderless currencies, which naturally miss the point. We are talking software here. It’s not a question - has never been a question - about whether such systems should be shut down. It’s about whether they can be. And that is a different matter.

As the Cypherpunks’ Manifesto reads, ‘We know that software can't be destroyed and that a widely dispersed system can't be shut down.’ That was written over 20 years ago, just as the rising web threatened the privacy of those who would use it - in other words, practically everyone. Whether or not you think privacy is such an important right that it should be granted to everyone - even if that makes it harder to track terrorists - is neither here nor there. It is too late. The software, the algorithms, the protocols exist. Information cannot be erased; knowledge cannot be unlearned.

We’re moving towards a model of communicating and sharing that no longer has to involve third parties as arbiters and gatekeepers. That carries dangers and well as advantages. Unfortunately, there are no silver bullets.

comments powered by Disqus