With all the recent news involving ransomware, Bitcoin has been getting more attention than ever before. It’s to the point where it’s become almost synonymous with cybercrime, but few people really understand why or even what Bitcoin is.
The simple way to understand why Bitcoin is so popular with cybercriminals is to see it as a kind of digital cash. It’s not traceable in the way that traditional currencies are, so criminals can stash it under their virtual mattress and not worry about the authorities finding it and them. But at some point, they’ll have to take it out and convert it to real cash.
How does Bitcoin work to enable this digital cash? Well to understand that we have to step back and see how traditional financial transactions happen.
It’s All on the Ledger
If Mr. Black wants to give Ms. White $100 without using cash, he can write a check or ask his bank to wire the money to Ms. White’s account. In either event, no money actually changes hands. The bank just writes down the transaction on a ledger. First, the bank checks the ledger to make sure Mr. Black’s account has $100 in it, and if it does, it subtracts the $100 from his account and adds it to Ms. White’s.
Mr. Black and Ms. White rely on a third party, the bank, to verify the transaction.
But what if there was a way to make that ledger a third party in and of itself. Rather than trusting the bank to verify information and write down the transactions, what if the ledger was public and everyone could just check and update everyone account for themselves? Well, that’s exactly what Bitcoin’s technology does.
The technology behind Bitcoin is called a blockchain. The blockchain is like an infinitely growing ledger that records all the transactions happening within a network. In the case of Bitcoin, that network is everyone who owns Bitcoins.
As the chain of transactions grows, section gets blocked off. Think of it as a page of the ledger being taken out and locked away in the safe. The blocking off is accomplished by creating what is called a hash. A hash is a code that’s generated from all the transaction data that it is blocking off.
So the blockchain takes all the data between the last block up to the new block location, makes a hash and stamps that section as closed off. If a single bit of data is different, it will produce a different hash, and that’s the protection mechanism for the ledger.
If you have three people all keeping a ledger and two of them match exactly, but one is off, then you know you can throw that one out because the math is wrong somewhere. This is what prevents anyone from manipulating the ledger to their benefit, making the virtual ledger a trustworthy 3rd party.
Every transaction is broadcasted to the entire network, so if you change your ledger to have an extra $100, then it’s hash will be different from everyone else’s and yours will be thrown out.
This decentralizes the ledger, meaning no single party has a master copy.
Making more Bitcoins
The process of making hashes and sealing these transactions is very CPU intensive work. So, to get people to do it, they must be incentivized. And that’s where we get new Bitcoins. Whenever you seal a section, a new Bitcoin is generated and added to your account.
There is no other way to create new Bitcoins.
If you want to invest cash in Bitcoins, then you’re adding value to the existing one, not making more. If you want to cash out, then you’re making them less valuable, not removing Bitcoins.
Thanks to the blockchain, Bitcoin is a real, finite currency.
Now the actual ID of Bitcoin holders is totally anonymous, but the transactions themselves are public through the blockchain. So, what law enforcement is working on now is trying to identify the Bitcoin holders whenever there is a cybercrime attack. If a Bitcoin address receives a lot of Bitcoins and cashes them all out overnight, then law enforcement can check financial records to see if they can match the amount of Bitcoin cashed out with the transaction made to an identifiable bank account.
If they are able to associate a Bitcoin address with a specific person, then they can go back through the blockchain to identify every transaction that person has made. And if they received payment for a cybercrime, then they’ve got them virtually red-handed.