Does the Colonial Pipeline Attack Unravel the Myth of Bitcoin’s Untraceability?

Few assets in history have been as polarizing as bitcoin. Notorious for its volatility, the world’s most popular cryptocurrency has many detractors, including some of the most prominent economists and financial experts. Despite its critics and abundant predictions of failure, 2021 has undoubtedly been bitcoin’s breakout year.

Many developments this past year point to the growing mainstream acceptance of bitcoin. More notable examples include investment banking giants Goldman Sachs and Morgan Stanley announcing they will start offering bitcoin and other cryptocurrency assets to their private wealth management clients, while the Central American nation of El Salvador became the first country in the world to adopt bitcoin as legal tender. With a combined market cap of nearly USD 2 trillion, it appears bitcoin and other cryptocurrencies are here to stay, carrying with them enormous challenges to anti-money laundering (AML) and counterterrorist financing (CTF) regulation.

The inability to trace the flow of these virtual assets has posed great risks to AML/CTF regulations, but the Colonial Pipeline ransomware attack appears to upend the notion that cryptocurrency tracing is impossible. Back in May, a cybercriminal hacking group, DarkSide, targeted the Colonial Pipeline system, a critically important piece of infrastructure that supplies fuel to much of the eastern United States. The attack on Colonial’s computer network forced the pipeline into closure, which led to panic buying and fuel shortages that lasted several days. The six-day-long shutdown finally ended when Colonial Pipeline’s management decided to pay the cybercriminals USD 4.4 million worth of bitcoin in ransom.

The company’s decision to pay off the hackers was met with criticism, as journalists and the public believed this would only encourage other criminals in similar endeavors. However, in a surprising turn of events, FBI agents managed to recover more than half of the ransom amount in the course of several weeks. Although the details of this recovery were not disclosed, it demonstrated the growing technical capabilities that might be able to counter cryptocurrencies’ lack of transparency in the near future. Experts have warned that this success in recovering the funds was likely a potent warning sign to criminals, who are now expected to resort to new, more complex money laundering techniques as a result. But for now, at least, the Colonial Pipeline ransomware attack appears to suggest that AML regulators and financial crime watchdogs may be closer to tackling cryptocurrency risks than was earlier thought.