Former CIA Official Warns of Cryptocurrency Spying Threat in US

Since the advent of Bitcoin, cryptocurrencies have become a common currency in global intelligence operations. Malicious actors increasingly use digital assets to fund their illicit activities inconspicuously. But law enforcement agencies are not taking this threat seriously enough.

Matthew Hedger, a former CIA agent and expert on anti-money laundering, insider risk, and organized crime, told BeInCrypto that the use of cryptocurrencies by nation-state actors for global espionage is nothing new. Nevertheless, the U.S. is already more than a decade behind in its ability to identify, track, and deter such instances.

Cryptocurrency, Global Spying Activity on the Rise

The use of cryptocurrencies has always been associated with illicit activities. Their borderless nature and the perception of untraceability have consistently made them an important tool for illicit schemes .

This problem is becoming more serious as there are increasing instances where cryptocurrencies are clearly linked to malicious actors.

In 2023, Polish authorities dismantled a Russian spy ring comprised of young, untrained agents recruited online to sabotage aid to Ukraine. They were paid in cryptocurrency.

By December 2024, the UK’s Operation Distabilize had dismantled a multi-billion dollar Russian-linked money laundering network. Groups like the Smart Group used cash-to-cryptocurrency exchanges to fund espionage, evade sanctions, and launder illicit profits globally.

Earlier this month, U.S. prosecutors charged Russian national Yuri Gugnin with laundering more than $530 million in cryptocurrency, allegedly to fund Russian intelligence and evade sanctions.

Last week, Reuters reported that an investigation led to the arrest of Canadian teenager Raichan Pavan in Poland in May 2024 on charges of spying for Russian intelligence and receiving payment in Bitcoin.

Cryptocurrencies are often seen as a tool for common criminals, but state actors have been using them since their inception.

Veteran's Perspective: Cryptocurrencies Are an Established Threat

Former intelligence officer Hedger, who spent 17 years in the intelligence community at the CIA and National Security Agency (NSA), argues that cryptocurrencies have long been a part of global intelligence, rather than a new medium.

“It really caught on with the intelligence community around 2013 or 2014. All the major agencies started using it actively. So we haven’t been watching it for 10 years. We’re already there,” he told BeInCrypto.

Hezer’s conviction comes from first-hand experience using Bitcoin for intelligence operations and witnessing other actors using it for state-sponsored activities.

Cryptocurrencies are almost naturally suited to these activities because of their unique properties.

“Cryptocurrencies are much more suitable for intelligence operations, primarily because of their cross-border capabilities. If I were to take $10,000 or more through an airport internationally, I would risk getting caught. But I could put $1 million in a cold storage wallet and have it stored on a separate USB drive and get through the airport,” Hedger added.

Blockchain analytics has come a long way since the invention of Bitcoin, but it is not yet advanced enough to easily solve cases involving state-sponsored espionage.

Solving the Cryptocurrency Spy Case… Is Human Information the Key?

In analyzing various global espionage cases, Hezer emphasized the importance of the human element in solving such incidents.

In the Pavan case, investigators had no starting point for blockchain analysis until Pavan turned himself in. Thanks to the key information he provided, they were able to trace the flow of funds.

“A lot of times, it’s not like someone is sitting down and analyzing the blockchain and saying, ‘Oh, there’s some bad activity going on there.’ It’s a human being, like this kid, pointing to a blockchain address and saying, ‘I’m going to turn myself in and tell the police,’” Hedger said.

It was only after Pavan pointed the investigators in the right direction that they were able to find the $600 million umbrella wallet.

“But on the other hand, they still couldn’t actually attribute that $600 million to the owner. So it works very well if someone points to that jar over there and says, ‘That jar over there is involved in something bad,’ but it’s very difficult to look at the entire blockchain and say, ‘There’s something bad over there,’” Hedger added.

At the same time, specific details of the Pavan incident have made Hezer more aware of the operational capabilities of these Russian actors.

Russia's calculated carelessness

The Pavan incident attracted considerable attention from security experts and analysts, many of whom described the recruitment of child spies like Pavan as untrained amateurs, suggesting that Russia acted either negligently or desperately.

He called using teenagers as spies “immoral,” and the details of the case showed that Russia’s seemingly careless actions were, contrary to popular belief, calculated and intelligent.

Pavan received very small Bitcoin transfers via Telegram to support himself, especially considering that they came from over $600 million in funds.

Pavan was recruited as a spy, but surprisingly, he was given far less security than intelligence agents normally receive.

These details may indicate that Russian intelligence knew that Pavan was not up to the job. After all, he revealed himself while drunk.

Since Pavan was an amateur, Russian intelligence did not waste more sophisticated tools on him.

“We know that the Russians can launder cryptocurrencies if they want to. The best techniques for protecting someone are reserved for very valuable people, and only those who are trusted not to expose their technology,” Hedger told BeInCrypto. “That’s why they paid him very little, and the reason they used the worst trading techniques is because they thought there was a high chance of information being leaked. And they were right.”

The Pavan incident has highlighted Russia’s calculated approach while also highlighting the harsh realities of its global preparedness.

How Under-Equipped Is the US?

According to Hezer, the U.S. is far behind in addressing the threat of cryptocurrency espionage.

“We’re 10 to 15 years behind in the game. We should have changed 10 years ago. And now the problem is so big. I don’t think people understand how big it is,” he said.

For him, the Yuri Gugnin case was the only instance in the United States where investigators effectively combined blockchain forensics with traditional financial investigation techniques to piece together a $530 million espionage scheme. It was the exception to the rule.

“Now, I have friends in law enforcement. They’ll say, ‘We only catch idiots.’ And if someone is smart, it’s because there was a leak in the organization. A human being came in and told us that we weren’t beating them at their own game,” Hedger added.

Several factors contribute to America's inability to catch up.

New expertise needed

According to Hezer, there is a huge knowledge gap between criminal money launderers and anti-money laundering experts.

“If you take an AML investigator, it’s very unlikely that they’ll be able to launder the money themselves,” he told BeInCrypto.

According to him, the only solution to this problem is for law enforcement and intelligence agencies to work with former money launderers who operated using cryptocurrencies.

“I don’t think we’ve completely shifted yet to the type of people we’re hiring on the law enforcement side,” Hedger said. “If [criminals] are laundering money through NFTs, it’s going to take a lot of investigators a while to figure out what an NFT is.”

This idea is not new to law enforcement, who often use undercover informants to get information about other operations, such as drug, organized crime, or counter-terrorism.

But this is not the only problem that U.S. intelligence leadership must solve to make up for lost time.

The arrogance of underestimation

Hezer criticizes law enforcement for their arrogance and their tendency to mischaracterize those involved in money laundering with cryptocurrencies as “stupid.”

“When we categorize our opponents as these immature Neanderthals and underestimate them, we naturally fail to notice the most sophisticated movements they make,” he said.

After all, these are organizations with abundant resources.

“They are an organization that makes billions of dollars a month and can afford to hire the best help in the world to solve their problems. And they certainly do that when it comes to laundering cryptocurrencies,” Hedger added.

He attributes part of the problem to a disconnect between intelligence and law enforcement.

Intelligence agencies have been tracking cryptocurrencies since Bitcoin’s inception in 2008 , but law enforcement has only recently begun to connect the two.

“There’s a lot of stovepiping in the intelligence community and law enforcement. We don’t communicate well with each other, and we don’t get along very well in many cases. So intelligence started using it, but they weren’t telling law enforcement what was going on. So I think law enforcement didn’t get into the game until Silk Road came along,” he said.

Better communication between different agencies fighting the same battle will be critical.

Will the US Efforts Seize the Opportunity?

Since retiring from the CIA two years ago, Hedger has argued that U.S. law enforcement needs to change the way it handles cryptocurrency-related espionage cases . But he has yet to see the changes needed.

“In my opinion, it will require a lot of collaboration that doesn’t exist today,” he concluded.

The heightened global tensions will inevitably lead to an increase in espionage activities, and the role of cryptocurrencies in these activities is a constantly growing factor.

This threat raises important questions about whether counterintelligence efforts are sufficient to combat these growing threats.