U.S. Navy Preparing Bitcoin Battalion

Bitcoin Battalion

Back in December we reported that the United States Air Force has quietly been working on a Bitcoin payment gateway otherwise known as a “snack machine” (yes you read that correctly). We also discussed that “currency is like another class of supply, a commodity required to execute the battle.”

Recently, United States sanctions against the Kremlin for annexing Ukraine resulted in MasterCard and Visa suspending certain types of transactions in Russia (apparently due to the OFAC 50% rule). OFAC or Office of Foreign Assets Control under the Department of U.S. Treasury maintains a list of different sanctions programs that it administers here.

It has been reported that Visa did resume services with some Russian banks. I found an old SEC filing that may (or may not) shed some light how Visa is able to continue its relationship with certain banks under sanction:

“…OFAC restricts financial dealings with Cuba, Iran, Myanmar and Sudan, as well as financial dealings with certain parties, such as identified money laundering fronts for terrorists or narcotics traffickers. While we prohibit financial institutions that are domiciled in those countries or are restricted parties from being Visa members, many Visa International members are non-U.S. financial institutions, and thus are not subject to OFAC restrictions. Accordingly, our payments system may be used for transactions in or involving countries or parties subject to OFAC-administered sanctions…”

In any case, President Vladimir Putin now supports plans for Russia to create its own national payment system. Headlines such as “Russia Reconsiders Bitcoin?” have begun to sprout up and this week Russia will be hosting its first Bitcoin conference.

US Army War College

This should come to no surprise to those who read Juan C. Zarate’s“Conflict by Other Means: The Coming Financial Wars” (PDF) published by the US Army War College Strategic Studies Institute Quarterly Parameters in its Winter 2013-14 Issue. Mr. Zarate has been called “a chief architect of modern financial warfare” and is a Senior Adviser for the Transnational Threats Project and Homeland Security and Counterterrorism Program,  CSIS Senior National Security Consultant and Analyst for CBS News. Mr. Zarate also authored the memoir “Treasury’s War: The Unleashing of a New Era of Financial Warfare” published by PublicAffairs.

In “Conflict by Other Means: The Coming Financial Wars”, Zarate writes that:

“Countries such as Russia and China will continue to challenge the dominance of the US-led international system and the dollar itself. If such attacks succeed, they could weaken the ability of the United States to affect or move private sector decision making in line with national security interests, regardless of what other governments do.”

and further:

“The domain of financial warfare will no longer remain the sole province of American power. A wide array of state and nonstate actors may step up to wield economic power and influence in the twenty-first century.”

He discusses “Challenges to U.S. Financial Power” such as nontraditional currencies, Local Exchange Trading Systems (LETS), Community Exchange System (CES), bartering (e.g. ITEX) and of course Bitcoin:

“{Bad} actors have new digital tools {such as} bitcoin (BTC) …a digital currency …{which}… uses cryptography rather than central authorities to issue and transfer money. The result is that transactions are cheap, accounts cannot be frozen (unless users keep bitcoins in a separate third-party online wallet service), and there are no prerequisites or arbitrary limits for use…”

The Navy

“Radical connectivity is blurring national lines and facilitating the transfer of virtual currency between otherwise disparate non-state actors.”

On March 19th (as amended April 10th), interested vendors began bidding on a Broad Agency Announcement (BAA) project for the Technical Support Working Group (TSSWG) Combating Terrorism Technical Support Office (CTTSO) for the Navy Engineering Logistics Office of the Department of the Navy.

Federal Business Opportunities (FBO) posting of Solicitation Number N41756-14-Q-3272 includes the keyword “bitcoin.” The BAA Includes “R3861: Counter Threat Finance” and “R3830 Methods and Means to Systematically Discern and Display ‘Precursors of Instability’ In The Dark Web.” These were introduced on January 30th in the unclassified PowerPoint presentation and corresponding  “Advance Planning Briefing for Industry” (PDF) as part of a “Irregular Warfare and Evolving Threats Mission” which includes “operational assessment, concept development, and independent validation of unique prototype capabilities to identify, confront, and defeat evolving threats.”

Some may find it unusual that the Navy was one of the original developers of the Dark Web. However, “Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the United States Naval Research Laboratory…for protecting government communications…” and provided funding from 2006 through 2010.  Though I don’t find this any more unusual than the Internet itself starting out as a project from the (Defense) Advanced Research Projects Agency called ARPANET (see “DARPA and the Internet Revolution” [PDF]).

The Dark Web has been part of Bitcoin’s “zeitgeist” since Adrien Chen of Gawker published his infamous piece on Silk Road on June 1st, 2011 “The Underground Website Where You Can Buy Any Drug Imaginable.” It would take another two years before Adam B. Levine of Let’s Talk Bitcoin and I would uncover that the Drug Enforcement Agency appeared to have infiltrated the Silk Road marketplace.   

Early in Bitcoin’s history it was possible to send bitcoin via IP address (e.g. 172.16.254.1) rather than public bitcoin address (e.g. 1BTCorgHwCg6u2YSAWKgS17qUad6kHmtQW).  In November 2009 Satoshi reposted a request from a user to make Bitcoin anonymous and Satoshi discussed privacy and TOR in this regards:

“When you send to a bitcoin address, you don’t connect to the recipient. You send the transaction to the network the same way you relay transactions. There’s no distinction between a transaction you originated and one you received from another node that you’re relaying in a broadcast. With a very small network though, someone might still figure it out by process of elimination. It’ll be better when the network is larger.

If you send by IP, the recipient sees you because you connect to their IP. You could use TOR to mask that.

You could use TOR if you don’t want anyone to know you’re even using Bitcoin.

Bitcoin is still very new and has not been independently analysed. If you’re serious about privacy, TOR is an advisable precaution.”

Privacy is discussed in the original Bitcoin whitepaper (section 10) which mentions how Bitcoin keeps public keys “anonymous.” Satoshi likely used TOR when he announced Bitcoin, published the whitepaper and maintained his status as a Bitcoin developer because his identity is unknown which proves that someone who is skillful  a genius probably could stay anonymous within Bitcoin.

Bitcoin doesn’t have a gatekeeper. Fundamentally no one needs to ask permission to use Bitcoin or run a Bitcoin client making most financial blockades or sanctions at their core ineffectual. If and how Bitcoin will be used in “battle” is a dystopian future that remains to be seen. As the Navy notice observes, “Radical connectivity is blurring national lines and facilitating the transfer of virtual currency between otherwise disparate non-state actors.”

Following are R3830 and R3861 their entirety:

BAA for CTTSO/TSWG Support

Solicitation Number: N41756-14-Q-3272

Agency: Department of the Navy

Office: Navy Engineering Logistics Office

Location: TSWG

 R3861 COUNTER THREAT FINANCE

This requirement is for innovative materiel and non-materiel solutions to develop and/or enhance new concepts and constructs for understanding the role of virtual currencies in threat finance. The world’s population grew by more than a billion people between 2010 and 2013, and by 2020, the number of Internet users is expected to double. Radical connectivity is blurring national lines and facilitating the transfer of virtual currency between otherwise disparate non-state actors. The introduction of virtual currency will likely shape threat finance by increasing the opaqueness, transactional velocity, and overall efficiencies of terrorist attacks. This requirement will explore the unique and required skills necessary to understand and react to the rapidly evolving architecture of threat finance networks within a radically connected hybrid warfare context and will develop solutions to combat vulnerabilities posed by virtual currencies.

 The proposed solutions should consider, but are not limited to, the following:

• Identify relevant case studies from the last 20 years and explore how various funding instruments supported the flow of funds in support of threat finance networks. Determine the extent to which the nature, trajectory, velocity, and decision making supporting funds flows change with the introduction of virtual currencies into the systems.

• Determine the types of “red flags” that have emerged during the introduction of virtual currencies. Determine how these warning signs are being incorporated into future efforts to track ongoing funds flows supporting threat finance based business models. Determine how virtual currencies might alter threat finance models and whether it is possible to predict changes in its architecture.

• Determine how this information might be used to model and test the flow of funds using virtual currency for use both in predicting future attacks and in developing and deploying disruptive strategies to prevent them.

• Determine what capabilities can be used to implement effective countermeasures to identify and mitigate terrorist threats supported by new payment systems and how these capabilities can be enhanced or developed.

• Develop beta test protocols for testing virtual currency risks under a range of scenarios.

 R3830 METHODS AND MEANS TO SYSTEMATICALLY DISCERN AND DISPLAY “PRECURSORS OF INSTABILITY” IN THE DARK WEB

U.S. national security organizations and commands lack the ability to discern, understand, monitor, and where possible, make mitigation decisions against adverse phenomena in the Dark Web, a region of the Internet where activities such as trafficking in drugs, weapons, humans, and chemical, biological, nuclear, and radiological technologies in support of disruptive, nefarious actions goes undetected. Current methods and means for discerning instability inordinately emphasize detection well after disparate phenomena have catalyzed into crisis, therefore forcing policymakers and commanders to react rather than allowing for predictive and proactive measures.

The objective of this requirement is the development of an automated capability to intuitively visualize geographic and functional areas of latent and/or emergent instability in the Dark Web. For the purposes of this requirement, the Dark Web includes sites that are not indexed by major search engines and which are accessed by using anonymizing software (e.g., onion domains). Discerning, then monitoring latent instability manifest in

Dark Web precursors would enable the development of more nuanced, contextually appropriate and proactive theater-strategic policy reflected in: 1) more efficient and effective strategic communications and military information support operations (MISO), 2) enhanced military-to-military engagements, and 3) with an emphasis on UNCLASSIFIED, “share-able” information/knowledge, the creation of “shared understanding” amongst partners and allies leading to combined mitigation actions.

 Lastly, and most critically, the emphasis on identifying precursors to allow detection well left of crisis on a timeline where 1) commander’s mitigation options are more numerous, 2) the risks of execution are relatively low, 3) coordinated interagency collaboration and action has the greatest probability of success, and 4) access to Dark Web information is relatively high (acknowledging that the Dark Web, by definition, is already obscured by security and technical systems and protocols).

Proposed Specifications and Key Performance

Parameters:

 Automated capabilities/specifications:

• Ability to crawl a prepopulated list of Dark Web sites and gather information.

• Ability to discover new sites in the Dark Web as they materialize (some level of latency is permissible, but this must be specified).

• Ability to automatically group/categorize observed potential threats/activities for analysis/visualization by geographic and/or functional area.

• Ability to visualize trends over time with respect to the groupings/categories referenced in the previous bullet in terms of their (1) frequency/commonness and (2) threat intensity in a fashion that is intuitively usable/interpretable by a military commander (i.e., an intelligent non-specialist).

 Manual capabilities/specifications:

• Ability to manually adjust/tweak sites crawled for information.

• Ability to manually adjust/tweak categorization algorithms.

• Ability to search crawled information for specific strings.

• Ability to output data (to include metadata resulting from in-program analysis—e.g., category names and measures of frequency/commonness and threat intensity) in file formats amenable to analysis in other tools (e.g., PNNL’s IN-SPIRE for thematic extraction, R for statistical analysis)

Bitcoin Bomber Center Image Courtesy of Bitcoin not Bombs

Leave a Reply

Your email address will not be published. Required fields are marked *