AML CHALLENGES
Cyberattacks by nation-state actors, unscrupulous business com-
petitors and their proxies may target not only personally identifi-
able information, but also corporate intellectual property,
competitive trade secrets and confidential business information. 12
Encrypted cybercrimes
Encryption is the conversion of data into another form or code, so
that it might be read only by those who have access to a secret
decryption key or password. Ciphertext refers to encrypted data.
Plaintext refers to unencrypted or decrypted data. 13
Warnings of cyberattacks by nation-states and their proxies have
led information security leaders to support stronger encryption, so
that data and financial transactions might be protected from mal-
ware and malicious third-party eavesdropping. In addition, cyber-
security leaders have opposed requirements for backdoors that
could weaken encryption. 14
However, stronger encryption can make financial crimes investiga-
tions more complex, as criminal organizations and terrorists take
advantage of encrypted communications to evade detection.
North Korea has been linked to recent ransomware cyberattacks, in
which hackers demand that victims pay a Bitcoin ransom for a
decryption code to unlock data encrypted by a virus that infected
the victim’s computer or smartphone. 15 Evidence is mounting
steadily that recent WannaCry ransomware attacks were orches-
trated by North Korean hackers who operate in other countries. 16
North Korean representatives at the U.N. have denied links to the
global WannaCry ransomware cyberattack. They have also denied
the recent cyber hacking of a U.N. expert, who monitors violations
of sanctions that are designed to prevent North Korean weapons
development. 17
To gain access to global banks and financial services, North Korea
has reportedly evaded sanctions imposed by the U.N. 18 and the U.S.
Department of the Treasury’s Office of Foreign Assets Control
(OFAC), 19 by channeling transactions through agents and front
companies operating outside of North Korea. North Korea also
restarted its Cold War-era practice of using shortwave radio to
broadcast encrypted messages, which may be directed at its spies
or agents operating outside of North Korea. 20
Latin American drug cartels have reportedly laundered money and
created investigative blind spots by using encrypted networks 21
and apps to shield their electronic communications from
surveillance. 22
The Islamic State of Iraq and Syria (ISIS) has reportedly shielded its
online communications from detection by using free TrueCrypt
encryption software, which has been one of the strongest encryp-
tion programs since its release in 2004. 23
In 2016, the Miami Herald reported the arrest of three members of
Hezbollah, the Middle Eastern terrorist group that was suspected of
laundering cocaine money for a Colombian cartel. The suspects
reportedly used a complex global web of encrypted communications
and financial transactions to move $500,000 into banks in Miami. 24
Steve Bychowski, “Cybersecurity 2017–The Year In Preview: Trade Secret Theft Takes Center Stage,” Security, Privacy and The Law, November 21, 2016,
http://www.securityprivacyandthelaw.com/2016/11/cybersecurity-2017-the-year-in-preview-trade-secret-theft-takes-center-stage/
12
Nate Lord, “What Is Data Encryption?,” Digital Guardian, January 27, 2017, https://digitalguardian.com/blog/what-data-encryption
13
Robert Ackerman Jr., “The Rise of Nation-State Cyber Attacks Makes Encryption More Crucial Than Ever,” RSA Conference, September 20, 2016,
https://www.rsaconference.com/blogs/the-rise-of-nation-state-cyber-attacks-makes-encryption-more-crucial-than-ever#sthash.QHab4cq4.dpuf
14
Paul Mozur and Choe Sang-Hun, “North Korea’s Rising Ambition Seen in Bid to Breach Global Banks,” New York Times, March 25, 2017,
https://www.nytimes.com/2017/03/25/technology/north-korea-hackers-global-banks.html
15
Choe Sang-Hun, Paul Mozur, Nicole Perlroth and David E. Sangermay, “Focus Turns to North Korea Sleeper Cells as Possible Culprits in Cyberattack,”
New York Times, May 16, 2017, https://www.nytimes.com/2017/05/16/world/asia/north-korea-cyber-sleeper-cells-ransomware.html?_r=0
16
Michelle Nichols, “North Korea says linking cyber attacks to Pyongyang is ‘ridiculous,’” Reuters, May 19, 2017,
http://www.reuters.com/article/us-cyber-attack-northkorea-idUSKCN18F1X3
17
“Report of the Panel of Experts established pursuant to resolution 1874 (2009) - S/2017/150,” United Nations Security Council, February 27, 2017,
http://www.un.org/ga/search/view_doc.asp?symbol=S/2017/150&Submit=Search&Lang=E
18
“Treasury Imposes Sanctions on Supporters of North Korea’s Weapons of Mass Destruction Proliferation,” United States Department of the Treasury,
September 26, 2016, https://www.treasury.gov/press-center/press-releases/Pages/jl5059.aspx
19
Choe Sang-Hun, “North Korea Re vives Coded Spy Broadcasts After 16-Year Silence,” New York Times, July 21, 2016,
https://www.nytimes.com/2016/07/22/world/asia/north-korea-spy-radio-broadcasts.html?_r=0
20
Alan Feuer and William K. Rashbaumjan, “U.S. Prosecutors Outline Case Against Mexican Drug Lord El Chapo,” New York Times, January 20, 2017,
https://www.nytimes.com/2017/01/20/nyregion/el-chapo-guzman-mexican-us.html?_r=0
21
Patrick Howell O´Neill, “How a drug cartel used encryption and a fake website to launder millions,” The Daily Dot, October 17, 2016,
http://www.dailydot.com/layer8/mexican-cartel-encryption/
22
Evan Ratliff, “The Strange Origins of TrueCrypt, ISIS’s Favored Encryption,” The New Yorker, March 30, 2016,
http://www.newyorker.com/news/news-desk/the-strange-origins-of-truecrypt-isiss-favored-encryption-tool
23
David Ovalle, “State: Hezbollah-linked group laundered drug money through Miami banks,” Miami Herald, October 11, 2016,
http://www.miamiherald.com/news/local/crime/article107366182.html
24
20
ACAMS TODAY | SEPTEMBER–NOVEMBER 2017 | ACAMS.ORG | ACAMSTODAY.ORG