Earlier this week, Russia invaded Ukraine in what President Vladimir Putin described as a “special military operation.”

The international response has been swift, with Russia now facing widespread and sweeping sanctions. The European Union imposed sanctions aimed at "Kremlin interests," while U.S. President Biden denounced the invasion as a "premeditated attack," announcing a wave of sanctions aimed at Russia's banks and state-owned enterprises.

Germany has frozen approval of the Nord Stream 2 gas project, which is designed to increase the flow of Russian gas to the European continent. The UK has also imposed "punishing sanctions" that will "devastate Russia's economy and target Vladimir Putin's inner circle."

So far, the international community has held back from the UK's demand to bar Russia from the SWIFT international payments network. But Bitcoin and other cryptocurrencies could provide President Putin with a means of evading international sanctions and their attendant financial costs.

“As with the traditional financial system, Russia can leverage cryptocurrency to evade the sanctions that are being put in place in response to their invasion of Ukraine," Caroline Malcolm, Head of International Policy at blockchain analytics firm Chainalysis, told Decrypt. But she added that crypto doesn't provide Russia with a silver bullet for evading sanctions: "As in the traditional financial system, the cryptocurrency ecosystem can put measures in place to identify transactions from identified sanctioned entities." 

Crypto ‘undermines’ U.S. sanctions

In October last year, the Biden administration warned that cryptocurrencies—described as digital assets by the Treasury Department—could undermine the United States’ broader sanction regime.

“These technologies offer malign actors opportunities to hold and transfer funds outside the financial system,” the Treasury Department said in a report. “They also empower our adversaries seeking to build new financial and payment systems intended to diminish the dollar’s global role.”

North Korean Nuclear Weapons Program Financed in Crypto: Report

North Korea’s nuclear and ballistic missile programs rely heavily on revenue from cyberattacks and cryptocurrency exchanges, according to a United Nations report seen by Reuters.  “According to a member state, DPRK cyber actors stole more than $50 million between 2020 and mid-2021 from at least three cryptocurrency exchanges in North America, Europe and Asia,” the report said.  While the illicit crypto industry is going strong in North Korea, other, more common sources of illegal revenue—like il...

The pariah state of North Korea has reportedly part-financed its nuclear and ballistic missile programs using cryptocurrency, according to a United Nations report. A number of countries including the U.S., Japan, Australia and UK have imposed sanctions on North Korea, which has employed hackers to steal over $400 million in cryptocurrency from exchanges. North Korea also has an active crypto mining program, including Bitcoin and the privacy-preserving cryptocurrency Monero.

And as far back as 2018, businesses in Iran were able to use Bitcoin and other cryptocurrencies to evade sanctions imposed by then-U.S. President Donald Trump. "We chose crypto because sanctions could not block the accommodation payments made by our clients," an Iranian travel agent told Decrypt at the time.

Ransomware

One of the principal methods Russia can use crypto to evade sanctions is through ransomware attacks—an industry already driven by majority-Russian activity. 

A report from Chainalysis recently found that individuals and groups based in Russia (some of which have already been sanctioned by the United States) account for a “disproportionate share” of crypto-related crime. 

Russia Takes Down REvil Crypto Ransomware Group

The Federal Security Service (FSB)—Russia’s domestic intelligence service—has said it has dismantled the REvil ransomware group at the request of the United States. The FSB reportedly conducted an operation that detained and charged several of the group’s members.  One day later, a court in Moscow also detained six individuals described as suspected members of the group.  What is REvil? REvil is a Russia-based hacker group responsible for several ransomware attacks in which it demanded payment i...

One such example is ransomware. Chainalysis’ research found that roughly three quarters (74%) of global ransomware revenue in 2021 financed sources “highly likely to be affiliated with Russia.” 

Russia also houses several crypto businesses that process “substantial transaction volume” from illicit sources. Moscow’s Vostok skyscraper—the tallest building in Russia—is one high-profile home for cybercrime. 

But at the tip of the Russian ransomware spear has been Russia-affiliated cybercrime group REvil. Earlier this year, Russia’s domestic intelligence service, the Federal Security Service (FSB), said it had dismantled the REvil ransomware group at the request of the United States. 

That announcement was met with skepticism at the time, which was reiterated by Hassold during his interview with Decrypt. 

Russia’s Most Prestigious Skyscraper Is Home to Crypto Hackers: Report

In Moscow’s city center, Russia’s tallest skyscraper—known as Vostok—is facilitating business for hackers, cybercriminals, and money launderers. According to Bloomberg, experts have successfully linked at least four companies that are either based or operating in Vostok to launder money associated with ransomware activity.  These four companies are Suex OTC, EggChange, Buy-bitcoin.pro.  Suex OTC, per cited Chainalysis data, has processed—at a minimum—$160 million in Bitcoin from illicit and high...

“It’s unknown who was actually arrested,” former FBI agent and current Director of Threat Intelligence at Abnormal Security, Crane Hassold, told Decrypt. “Were they just affiliates, or were they the main actors? I don’t think we know any of that.”

Cryptocurrency is the “primary factor” driving today’s ransomware landscape, Hassold added. “It essentially allows the overall ransomware payments that we’ve previously seen to scale to numbers that are pretty crazy.”

Bitcoin mining

The Russian crypto-related ransomware industry is already well documented, but a second crypto-related stream of income—Bitcoin mining—is also being pursued by President Putin. 

Earlier this year, the president said that Russia has “competitive advantages” in Bitcoin mining, referencing the country’s “surplus of electricity and well-trained personnel.” For the time being, Putin's assertion appears to have been borne out; Bitcoin mining in Russia has continued mostly without interruption.

"Much of Russian Bitcoin mining is powered by domestic natural gas or [hydroelectric power] in Siberia," Will Foxley of Compass Mining told Decrypt. "It's unlikely that hashpower goes offline, unless sanctions influence pool providers."

To date, it is not clear whether the Russian state has bought any Bitcoin, but the government has been eyeing up the cryptocurrency as a means of sidestepping sanctions since as early as 2019. 

What can be done?

There are some ways to combat the use of crypto to evade sanctions, however.

Chainalysis' Malcolm told Decrypt that the U.S. and other sanctioning governments around the world can invest in blockchain analytics to “get ahead of Russian efforts” to evade sanctions using cryptocurrencies. 

“The transparency of the blockchain combined with these tools can be a powerful strategy to ensure that sanctions remain a credible deterrent,” she said.

Meanwhile, the Treasury Department’s sanctions report made two recommendations to ensure that the United States’ sanctions regime evolved in lockstep with the advent of cryptocurrencies. 

First, the report argued for sanctions that were easily understood, enforceable and adaptable. 

“The Treasury can build on existing outreach and engagement capabilities through enhanced communication with industry, financial institutions, allies, civil society, and the media, as well as the new constituencies, particularly the digital assets space,” the report said. 

Digital Assets Weaken US Sanctions Regime: Treasury Dept

A report released by the Biden administration earlier this week warned that digital assets pose a risk to the United States’ sanctions program.  “Technological innovations such as digital currencies, alternative payment platforms, and new ways of hiding cross-border transactions all potentially reduce the efficacy of American sanctions,” the report from the U.S. Treasury Department said.  “These technologies offer malign actors opportunities to hold and transfer funds outside the collar-based fi...

The report also called for the Treasury to invest in “deepening its institutional knowledge and capabilities in the evolving digital assets and services space to support the full sanctions lifecycle of activities.”