Dealing with illicit crypto activity

“While this is a nuisance problem at small-scale, the scale of attacks we are observing demonstrates that illicit cryptocurrency activity has matured into a systemic national security risk,” says Joe Dobson, a threat intelligence analyst at Mandiant.

Crypto crime continues to be a concern for both organizations and governments in the APAC region. While the adoption of crypto payments is seemingly moving towards a positive direction in the region, the increase in illicit crypto activity may impact how businesses use it.

Joe Dobson, a threat intelligence analyst at Mandiant, which is now part of Google Cloud explains more about the challenges in crypto today and what needs to be done to deal with this issue. Dobson also shares how Google Cloud is looking to deal with this problem.

What are the biggest challenges when it comes to crypto today?

The biggest challenges in cryptocurrency today are centered around education. Cryptocurrency is a topic with incredible breadth and depth - from understanding its peer-to-peer decentralized nature, to fully comprehending the security risks around private key storage, there is an incredible amount of nuance that can have significant impact on users. It is also a very unforgiving technology. For example, a one-character typo in an address can lead to loss of funds.

Why is illicit crypto activity a big problem, and what can be done to deal with it?

Cryptocurrency is both permissionless and immutable, meaning that anyone can use it and actions taken are permanent. This creates an opportunity for bad actors: once they acquire cryptocurrency through illicit means, it is exceedingly difficult to recover. While this is a nuisance problem at small-scale, the scale of attacks we are observing demonstrates that illicit cryptocurrency activity has matured into a systemic national security risk. Billions of dollars are being stolen by malicious threat actors.

To deal with this, governments and enterprises must focus on disrupting entire criminal ecosystems while imperiling the cryptocurrency ecosystem itself. This is no small task and requires organizations - especially government and law enforcement - to have increased expertise and training.

Why is it important for governments and organizations to deal with this problem, especially as crypto payments grow globally?

We must consider not just where technology is currently, but where it will be in the near future. Cryptocurrency adoption is on the rise, as is AI adoption. Some AI agents and bots already have the ability to spend cryptocurrency. The volume and velocity of illicit transactions will only grow as malicious AI is enabled to make payments using cryptocurrency. Governments and organizations must make preparations and meet the moment to minimize illicit activity and ensure trust in digital payments. This will require more public-private partnerships, collaboration, and organizations must focus on utilizing threat intelligence into their operations.

What is Google Security doing about these problems?

Our deep understanding of threat actors reveals their motivations, their tools and tactics, and their expertise. Our threat intelligence tracks threat actors as they traverse Web2 and Web3 technologies, and the information integrates directly into Google Cloud Security products. This is then used to help protect and inform our clients.

It is especially important for cryptocurrency organizations to prevent theft. This is why we make some security resources available to the public, such as security-focused blogs (as seen in the Google Cloud Web3 Portal) and a dedicated “Threats to Web3 and Cryptocurrency” section in Mandiant’s 2025 M-Trends report. We must “get the word out” about the illicit activity that we observe so that responsible parties can take action.