The Islamic State of Iraq and Syria (ISIS) has been called the world’s richest terror group. While the group generates the majority of its funds through oil fields seized in northern Iraq and Syria, it still relies on a number of other ways to secure financing. Donations from wealthy sympathizers greatly helped ISIS when it was first established. However, now that global governments are aware of ISIS and actively look to track and block all funding efforts through banking channels, donations have become harder to receive. These difficulties have not stopped ISIS from seeking ways to bypass sanctions and money-laundering filters, however. The group has begun to use cryptocurrencies such as Bitcoins as it looks for anonymous and untraceable ways to transfer money.


Virtual currency is an electronic cryptocurrency used to purchase both virtual and actual goods and services. It is not contractually backed by assets or legal currency laws, it is not controlled by a central authority and it is not a tangible good. Bitcoins can be sent to anyone who has an Internet connection.

The first step in dealing in this type of currency is to set up a virtual wallet where Bitcoins and their transaction history are stored. According to CoinDesk, the wallet houses a file of secure digital keys used to access your public Bitcoin address and sign transactions. They are traded by sharing a wallet’s anonymous private identification number with the merchant or peer.

Wallets are a way to store the digital documentation of the Bitcoin value and grant access to users to spend them. There are many kinds of virtual wallets, with the most popular forms being desktop wallets, Web-based wallets and mobile wallets.

  • Desktop Bitcoin Wallets: Desktop wallets offer the most security and anonymity. This type of wallet is a software program that is downloaded onto a user’s computer. Desktop wallets process user transactions, allow users to create new addresses and store the user’s private key.
  • Web-Based Bitcoin Wallets: Web-based wallets store a user’s private key online via a main computer or server that is connected to the Web. Web-based wallets allow for more flexibility as they connect to a user’s desktop wallet and mobile device wallet. However, Web-based wallets have greater risks than desktop wallets. According to Bitcoin Reporter, these wallets hold user keys, leaving users vulnerable to any difficulties the service experiences, such as hackings, regulatory problems and technical issues.
  • Mobile-Based Bitcoin Wallets: Mobile wallets work via smartphones. Users must download an app to access their virtual currencies. These apps are simple vehicles into your wallet that you can use on your smartphone. They only use a subset of the block chain and rely on other networks to ensure all the correct information is there for the transaction to take place.

The ISIS-Bitcoin Nexus

Like most forms of technology, fraudsters, criminals and terror groups will find ways to exploit them for nefarious uses — Bitcoin is no different. Due to its anonymity and untraceabilitiy, it is used for criminal activities such as laundering money, buying and selling illegal goods and services and transferring money to support criminal or terror activities. Al-Khilafah Aridat: The Caliphate Has Returned, a pro-ISIS blog, discusses how Bitcoins can be used to fund the caliphate. The post states that they are untraceable by Western governments and, therefore, they will not be stopped by regulatory screening processes. The blog then discusses the decentralized nature of virtual currencies, specifically stating that they are able to access markets that cross all borders and nation-state regulations to send money instantly and in a way that is untraceable by “Kafir” governments.

In an additional step to keep the senders’ and receivers’ identities secret, the blog post discusses the use of dark wallets. Dark wallets offer Bitcoin users more protection in relation to privacy and identity. It is also widely known that dark wallets may enable serious crimes such as murder, child pornography, drug and weapon sales and terror group financing.

According to the blog, Bitcoins are an entirely anonymous donation system that could send millions of dollars instantly from the United States, United Kingdom, South Africa, Ghana, Malaysia and Sri Lanka.

On Oct. 13, Reddit’s Bitcoin forum discussed how the ISIS blog site was accepting Bitcoin as a form of payment on the Swedish/Latvian conversion site The blog claims the payments are strictly for maintenance and hosting the website. Reports indicate that closed the account, claiming it has a strict terms and conditions policy that prohibits using its service for illegal activities. lists its terms of service on its site and bans the following:

  • Anything forbidden by Swedish law;
  • Spamvertising websites;
  • Malicious software such as mail and network bombers, spam, virus operation software and control centers;
  • Scam and phishing websites such as fake eBay, PayPal and bank login forms;
  • Network abuse (i.e., network scanning).

Analyst Comments

It is not surprising that ISIS would begin to adapt to using cryptocurrencies as a way to receive funds; the group has proven to be quite skillful with technology and social media. ISIS has been known to spread propaganda, recruit individuals and seek funds through tools such as Twitter, Facebook, YouTube and

There are some challenges with how ISIS would turn Bitcoins into physical currency in the states in which it operates. Many ISIS-controlled territories do not have the technology to extract high amounts of Bitcoins for cash. However, nearby Turkey, Israel and Dubai all have a small but flourishing Bitcoin community, with a few Bitcoin ATMs available. Bitcoin ATMs work just like bank ATMS and are electric communication devices that allow Bitcoins to be exchanged for cash without the need for a cashier. It is important to note that some models only allow for the purchasing of Bitcoins. When a Bitcoin ATM is not available, users can sell them online; however, this type of sale often requires users to verify their identity.

More from Banking & Finance

Cost of a Data Breach: Banking and Finance

The importance of cybersecurity has touched almost every industry. Beyond that, robust cybersecurity is table stakes for several sectors, particularly health care and the banking and finance industry. Not only is financial data at risk, but so is customer trust. In banking and finance, trust means everything. Yet, consumers are hesitant to share their confidential data. A recent McKinsey survey revealed that no industry achieved a trust rating of 50% for data protection. Here’s the most sobering stat: 87% of…

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable and decision-useful” information to investors. Not yet adopted, these new rules – published in the Federal Register on March 23 – could change reporting requirements. Take a look at some of the big-ticket items and what your organization needs to know.…

SEC Proposes New Cybersecurity Rules for Financial Services

Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies and business development companies (funds). Next, the proposal will go through a public comment period until May 9.  The Importance of Cybersecurity in Finance The 2021 X-Force Threat Index found that financial services were the most targeted industry. Manufacturing beat out…

Top Security Concerns When Accepting Crypto Payment

From Microsoft to AT&T to Home Depot, more companies are accepting cryptocurrency as a way to pay for products and services. This makes perfect sense as crypto coins are a viable revenue source. Perhaps the time is ripe for businesses to learn how to receive, process and convert crypto payments into fiat currency. Still, many questions remain. How can you safely enable customers to pay with Bitcoin or other digital currency? What are the security risks that come with cryptocurrency? Let’s…