
A
Welcome to Seriously Risky Business, the podcast we do here at Risky Biz HQ. All about policy and intelligence as it pertains to cyber. All of that good stuff. And yeah, in this podcast, as always, we're going to talk to my colleague Tom Uren, who is our Policy and Intelligence editor. And this edition of Seriously Risky Biz is brought to you by Nucleus Security, who make a tool that basically ingests vulnerability scanning information and ingests data from a whole bunch of vulnerability tools and normalizes it and helps you slice and dice it and get it to the right people and track it and whatnot. And yeah, very cool stuff. So you can find them easily by looking for Nucleus Security. And of course, we would like to thank the William and Flora Hewlett Foundation for supporting Tom's work with us. And also Lawfare Media, who syndicate Tom's newsletter. So, you know, you may have read it on the Lawfare Media blog once upon a time, but Tom, thanks for joining us, mate. Good to see you.
B
G'day, Patrick. How are you?
A
Good, good. So we have finished the edit of your newsletter for this week and of course people can find it at Risky Biz and subscribe to it. And I recommend like, you know, 15, 20,000 other people that they do that. And you've covered a few things this week. You've covered a push by the government in Sweden to get Signal to build a surveillance capability, you know, a message retrieval capability into the product, which they're not going to do. You've covered the Chainalysis report into the crypto ecosystem. That's also very interesting. We touched on it briefly yesterday in the show with Adam, but something we didn't talk about in yesterday's show, which is big news. Also a bit of a storm in a teacup because it's not going to happen. But there was this whole burp in the news cycle in the United States about the U.S. government considering removing Canada from, from the Five Eyes alliance, which is probably bigger news than the average would be a bigger deal than the average punter would realise. I mean, is that a fair thing to say, do you think?
B
I think what is interesting here is that it's even considered. So it's probably fair to say that the Trump administration is not afraid of killing sacred cows, taking them, practically lining.
A
Them up at this point. Like, if you're a sacred cow, watch out in this admin.
B
Yeah, that's right. And so the, I guess from an intelligence professional's point of view, it's like this is the most sacred of cows. It's like the someone, when I was starting at Defence, described the relationship with the US in intelligence circles, and particularly in signals intelligence circles as like the crown jewels. So it's one of the things that the other Five Eyes countries, Australia, New Zealand, Canada and the UK really value. And is sacred too strong a word? Probably not, actually.
A
Well, I mean, I think also, and this isn't something that we just like go blah, blah, blah every time and talk about, but you actually worked at ASD, which is our NSA, which is our Five Eyes, you know, SIGINT agency. You worked there for 15 years, you've been out for quite some time. But I guess the reason I'm saying this is, you know what you're talking about when it comes to understanding how essential this, you know, coalition, this alliance is.
B
Yeah, yeah. So rather remarkably, like, I think within the first couple of months of starting at, it was then called DSD, but ASD, nowadays, someone just said, oh, well, email this person from NSA and ask them. And like you just shoot off an email and they reply. It's like amazing. It's like you get better responses than you would from a separate government department in Australia. It felt like you were working almost in the same organization. Now, of course you're not, but I think that this idea, even the idea that you would put that at risk is kind of shocking.
A
Yeah.
B
And the reason that that relationship works so well is because everyone understands that, yeah, there's give and take over time. It's an ongoing relationship where everyone benefits more than you would being on your own. Even the US benefits more than they would than being on their own. And so to, I guess, instrumentalize it in such a way as to use it as leverage for something else. I think it really fundamentally attacks, like, how that works. Like that's not how a real partnership works.
A
Yeah, I mean, I think from my perspective, I mean, first of all, yeah, it's, it's a crazy thing to even think about. It looks like, you know, someone leaked this. Oh, this is being considered or whatever, and it got shut down pretty quick. Right. So pretty quickly they're like, oh, no, no, we're not going to do it. But as you say, the fact that it was even discussed at all is concerning, as a certain billionaire is prone to saying. I guess from my perspective, the reason it's concerning is not necessarily that the alliance couldn't continue without Canada's input. I mean, I'm sure it would be a loss, but the thing that I would find concerning is it would prompt other members of the alliance to lose faith in the alliance and start re-examining their relationships with other intelligence agencies and maybe forming different types of coalitions and trying to figure out a plan B. Right. And this is something that we talked about quite heavily when we were working through the edit of your, of your piece of analysis on this again in your newsletter, which people can find at Risky Biz. But I mean, that would, that would be my concern. Like from, from an Australian perspective, if I'm the foreign minister or the defence minister, I'm thinking, wow, you know, it's possible that we could get into some diplomatic spat with the United States and get kicked out of the alliance. Where would that leave us? We need a plan B. We maybe need to reach out to the Japanese, to the Koreans, try to figure out what else we can kind of get going on the side here. I mean, is that fanciful or would you think that that is at least the topic of a couple of meetings happening in Canberra, for example, today?
B
Look, I think that the reason I picked up on this is that I think it's a wake up call and that in fact it's not that if it happened, these organizations that think of a plan B, I think it's a warning note that they should already be thinking of a plan B. And so the denial that Navarro issued, I thought was very funny because he, when you read it very.
A
This is one of Trump's advisors, right? Peter Navarro.
B
Yeah, yeah. So he was arguing that this happened, that the threat of expulsion be used as a lever. And so he denied that he said it, but in a way that doesn't actually deny that he said it. And I thought that was very funny.
A
Yeah, it doesn't accord with what I'm hearing through various grapevines either. But anyway, that's a detail we don't need to get into.
B
But I think it's very easy to think this is just a thought bubble that doesn't mean anything. We can just all move along and pretend that nothing happened. But I actually think it's a warning shot. Like, you know, it's something that serious people at high levels are at least thinking about. And so that means that from an Australian or a Canadian, especially a Canadian perspective, you need to be thinking, what is the plan B? Like, this is a tremendously valuable relationship. We can't replace it, but we should at least be thinking about what will we do if that falls apart. And I think that holds for all the members of the Five Eyes, including like NSA itself. Like, what's the, how do you respond to that kind of.
A
Well, we should say some Five Eyes partners have more visibility into certain regions and organizations than others. And as you point out, they share this information. Right. So a lot of what the alliance does is actually, I mean, they're all about government efficiency. Right. And, you know, nothing does more for the efficiency of intelligence services than the Five Eyes alliance because it avoids, to a degree at least, avoids, duplicated efforts in certain regions. Right. So there's, there's a bit of a division of effort there. I mean, I'm not too familiar with what Canada's regional concerns would look like. Right. Because of where they're situated geographically, you know, but when you think of it from an Australian perspective as we are, we literally have Chinese warships doing live fire exercises 200 miles or 300 kilometers off our coast at the moment, not giving any warnings, you know, disrupting air traffic, just generally being belligerent asshats. And it feels a little different here. You know what I mean? Like, this feels like something that. And I'd imagine for the Brits as well, you know, it feels. Yeah. Threatening. It feels threatening. It feels scary. You know, I don't like this. I don't like this. It's not a good feeling. Make it stop.
B
Yeah, yeah. Like you say, each partner brings something different, and often that's. For most of them, it's geographic difference. Now, Canada being right next to the States, doesn't have so much of that, but at least in the old days, part of the, like, part of the deal was that. I'm not sure if it was part of the deal, but part of what Canada brought is that they have a whole lot of territory up in the Arctic Circle where nuclear missiles were meant to fly over.
A
Yeah.
B
On the, on their way to the continental United States. So that seems like that's a relationship you want to preserve.
A
You just want to preserve that as a, as an early warning capability of, you know, intercontinental nuclear ballistic missiles.
B
Yeah, yeah.
A
You might want to know when they're being hurled at you, you know.
B
Yeah. So that's like probably not the most. Hopefully not the most pressing example, but it's, it's, I guess an example of something of why even Canada has particular geographic, you know, advantages that the US itself doesn't have. I think that undermining all of that is just extremely problematic. But like I said, I think it's a warning that people should be thinking of what their Plan B is. And that's actually a tremendously difficult problem because the US has so much. It's just so relatively important in the globe.
A
I mean, as I say, I've spent a few cycles thinking about what this might look like from an Australian perspective. And it would be go regional. Yeah, because that's what Australia cares about. It's primarily, primarily concerned with China and its activities in the region. You know, Australia is, I mean the Australian homeland itself is quite secure. Like, I think it's funny that, you know, the Chinese boats off our coast, you know, I don't think anyone really regards that as threatening. It's belligerent, asshattery, but it's not threatening. I think though that, you know, I think so many, you know, just ordinary Australians don't quite understand that the, the, the battle for Australia is not fought in our waters. Right. It's fought in Southeast Asia, which is where like we don't refine our own petroleum. It all comes from Singapore. So, you know, this is all of our, all of our naval approaches are sort of what we've got to protect. It's not about what's happening off our coast. And that's going to require, you know, a lot of regional cooperation, good regional relationships and whatnot. And I would just think your plan B is going to look at something along the lines of helping to upskill regional services so that you can do better sharing with them and whatnot. Because currently that would be difficult because some of these services are compromised, let us say.
B
Well, I guess there's nothing like a crisis to spur innovation. So I think what you say makes sense and I think there's a lot of difficult relationships in the region where we're kind of frenemies, like we get along well but you know, there's.
A
But everybody's worried about China.
B
Exactly. So I think that's the lever you've got to pull. And this is not a short term fix. Right. You can't. The Five Eyes has been around 50 odd years, or is it 75? A long time.
A
Yeah.
B
And so you're never going to replace that anytime soon at all. But it's, it's, you know, the best time to plant a tree is today. We can't, we can't build those relationships from 20 years ago.
A
No. And I would point out too that it was actually the Americans who helped upskill us in intelligence stuff so that they could share intelligence with us. Right. Because previously we didn't have the right domestic agencies for foreign partners to share information about people who were doing espionage on our soil. So we did have help from international partners in terms of being able to spin up organisations that could receive intelligence from foreign partners and they wouldn't worry as much about it leaking and things like that. And I think maybe Australia, there's a role for Australia in the region to do something similar, but that might be a bit pie in the sky.
B
Well, I mean ASIO exists because I think it was the UK was worried about.
A
It was the Brits, was it? I wasn't sure if it was the UK.
B
I'm not sure if it's the UK or the US, but they were worried that we'd been compromised during the time of the Cold War. And so part of the deal was to get more into the club was that we had to start up an internal security agency.
A
So, well, it's funny because everyone said, oh gee, that sounds a bit paranoid. And then thanks to Cabinet documents that get released after X number of decades, we kind of know that what you said about being compromised was kind of true. So that's why we needed ASIO.
B
Yeah, yeah. There was a bloke in Defence who would write these fascinating blogs about the history of that. Unfortunately, I can't remember what is and isn't classified, so I can't, I can't really tell anything. But there's a lot of. There were genuine concerns that were real and so ASIO helped deal with some of those.
A
Anyway, let's change the topic quickly. Now the other thing you wrote about, another thing that you wrote about was Sweden. The Swedish government demanding that Signal make its app more surveillance friendly. To which the Signal Foundation has said, if you pass a law that does that, we're out of here. Which is fair enough and they will follow through on that. That seems to be your conclusion here. I guess the interesting thing is here that the Swedish military is against it because they use Signal. Their official guidance for military personnel is to use Signal. And they have written to the government, they've written a submission basically saying if you do this, it's actually putting our national security at risk. And this is just such a perfect encapsulation of the paradox around end-to-end encrypted, you know, the paradox and trade offs involved in end-to-end encryption. Basically.
B
Yeah, yeah, it was just a wonderful little vignette. And what I thought was interesting is that Sweden, not a big country, so I think that for almost all tech companies, except maybe for Spotify, because it's Swedish, that if they were presented with that kind of ultimatum, they would just say, well, we'll just leave the country. I think there's only really one country that has the kind of gravitas geopolitical importance to force some of these big tech companies to do stuff. And that's the U.S. But the U.S., the political process, there's never been agreement on anything like what to do about encryption. And so it's just stayed in stasis.
A
Yeah. And I think now if the Trump admin were to move against encrypted services, like, people would be more against it than otherwise, I think.
B
Yeah, yeah, I think that's fair. Like the contrast, I guess, is with China, which is geopolitically important, but it's very, very clear about, you know, individual privacy is vastly trumped by state security concerns. So it's not a debate over there. So it can align itself and at least domestically it's got a quite strong framework. But, you know, the rest of the world, unless the US decides to take a strong position, and that's not just Trump, that's the US polity as a whole. I think that the encryption debate will just the.
A
I don't know. I don't know. So we had a big barney. I'll just tell the listeners we had a big barney today in the edit over our interpretation of what's happened in the UK, because the UK has asked Apple, hey, you're rolling out this advanced data protection feature for iCloud. We need you to build a capability so we can still access the content stored that way. And Apple said, well, we can't do that, so we're just going to disable that feature in the UK. Now, you have argued that that's... the UK lost that one. I'd argue that they won because ultimately what they want to be able to do is to access iCloud content. They would have liked to have been able to access the encrypted content, but instead Apple's just said, well, we'll just decrypt everybody's content or force them to decrypt their own content. Right. If you really want to get into the details. Now, to me, from the British perspective, that's still a win because they're still able to get a warrant for iCloud data and have that warrant processed and have evidence come out the other side of it. So in my mind that's a win, but in your mind it's a loss because they didn't quite get the precise capability that they want. I just don't think that matters. I think what they care about, what the average law enforcement agent cares about is being able to get a warrant and get the data. They don't care about the mechanism.
B
Yeah, I think if you take that perspective, it is a win. Like from the narrow perspective of the UK law enforcement agencies, I think from the broader government perspective, they set up the, what's it called, it's not the Online Safety Act, the Investigative, Investigative Powers Act. And they wanted a process where they could say, company, here's an order, implement it in a quiet way and we get what we want and it's not a big deal. And that's not what happened. So I think from the broader perspective, it's not a win, it's not totally a cyber.
A
Excuse me, the big deal thing there that you mentioned, it's not a big deal. Now this reversal, Apple withdrawing this feature politically is doing nothing in the UK. Nobody cares. So that's the thing I think is interesting is I think Apple may have miscalculated the politics of this, you know, in that they're withdrawing this feature from the UK and no one seems to really mind. Right. Which I don't think is the reaction they were hoping for.
B
Yeah. So that is interesting. So I. It seems that these things produce. Maybe it is a storm in a teacup every time because we get the very polarized people who are quite vocal, but maybe you're right, maybe most people don't care most of the time.
A
Well, and the interesting thing is here it's. Normally we see the governments back down, we don't actually see change resulting from this. And this is the first time I can think of that we have. So as much as it's tempting to say, yeah, the crypto wars are just going to limp along until the US does something, I think this is the first time where we've seen a major change in a popular technology service being offered to a population of an entire country resulting from the issuance of a technical capability notice under the, you know, under an act. And that's what's happened here.
B
Yeah, yeah. So I, I would still hold, withhold judgment and wait for a month or so, see what happens. Does the advanced protection, what is it, ADP, Advanced Data Protection stay out of the UK or does it sort of quietly come back? Yeah, wait and see.
A
Well, I think it's going to kick on as is, actually. I think this is, I think this is it. But yeah, anyway, we had a barney about it and like, let's, let's, let's see if we can have another barney about it in a month. You looked at, also looked at this week, the Chainalysis report into cryptocurrency. You know, we spoke about that a bit yesterday with Adam, you had your own sort of, you know, you spotted your own interesting things in here. One interesting thing that we didn't talk about on the show is like, well, a few interesting things actually. Like one is that a lot of these sanctions that get a lot of these exchanges, I'm sorry, that get sort of dismantled either through disruption operations, you know, seizures or sanctions, they tend to reconstitute under a different name pretty quickly. The number of KYC free exchanges is kind of at an all time high. You've also got people, you know, we did mention this people are still using Tornado Cash even though, you know, a lot less. But I think perhaps the most interesting thing here is that none of these disruption actions or sanctions have done anything to slow down the North Koreans.
B
Yeah. For quite a long time since I've been writing about it, I had thought that maybe they would. But the numbers of thefts or the amount of, is it currency? The amount of value stolen just keeps on going up. So in the wake of the Bybit cryptocurrency exchange hack which you guys spoke about, what is it? Yesterday, 1 1/2 billion dollars, Chainalysis came out with this, you know, blog which said, here's what we're doing and they actually have the numbers over the last two or three years and basically it's doubled from 2023 to 2024, the amount stolen. And then basically this one hack is as much as was stolen in all of 2024 by North Korean hackers.
A
Yeah, it's more. Right, so in 2023 they stole US$660 million in 20 incidents. And then in 2024, 1.34 billion across 47 incidents. Now this year, one incident, 1.4 something billion dollars. Right. Like, and they're still, they've got their laundering down to, to a pretty fine art.
B
Yeah, it seems like there's, you know, we're always shutting the gate. We, governments are trying to shut the gate with sanctions and disruption actions. But there's. Cryptocurrency is such a vibrant ecosystem that there's always more gates opening up. And so things that I had not written about a couple of years ago and now y. This is the standard way that you would do something. And so they, they go through like there's a whole suite of different mechanisms that they're using to try and obfuscate where the money's going. And it seems like it's not quite clear to me what the percentage, I guess you might call it, you know, cost of doing business is for working in cryptocurrency. But it doesn't seem like you lose 90% of the funds. It seems like you lose some. Less than half of the funds in the laundering process. Way less than half is my impression. But that would be a really interesting number to get to. It's not clear what that is yet.
A
Well, I think if you can figure out, like, you know, you have to have visibility into the entire chain, and if you did have that, then it wouldn't work anymore. So it's always going to be a hard number to pin down. One line I did enjoy that you wrote in this week's newsletter is Chainalysis says that it's collaborated, collaborated across the industry and has helped to freeze more than $40 million stolen in the Bybit hack. For those keeping count, that's only, you know, 1.46 billion to go. So. And that was a point I made yesterday on the, on the show too, which is. And you know, we did a deep dive into how that hack went down. I'll drop a card right here if anyone wants to watch that, but my God, you know, once that money's gone, it's gone. It's not like the banks.
B
Yeah, yeah, that's right. It's. It's kind of fantastical in a way that so much can disappear so quickly. And it's like, yeah, I thought it was hilarious that they offered a reward for the return of the money. It's like gonna happen.
A
That's gone, guys. It's gone. Just deal with it. All right, we're gonna wrap it up there. Tom Uren, thank you so much for joining me for this discussion of your always excellent newsletter that people can find at Risky Biz. We'll do it all again next week. Thanks again.
B
Thanks, Patrick.
Risky Bulletin Summary: "Srsly Risky Biz: Canada's expulsion from Five Eyes would be a disaster"
Hosted by Risky.biz, the "Risky Bulletin" podcast delivers in-depth cybersecurity news and analysis. In the February 27, 2025 episode titled "Srsly Risky Biz: Canada's expulsion from Five Eyes would be a disaster," hosts Patrick and Tom Uren delve into critical issues affecting global cybersecurity alliances, encryption debates, and the persistent challenges in the cryptocurrency ecosystem.
Key Discussion: The episode opens with a significant revelation: reports suggesting that the U.S. government is contemplating the removal of Canada from the Five Eyes intelligence alliance. This consideration has stirred considerable debate, given the profound implications for international intelligence collaboration.
Notable Quotes:
Patrick [02:02]: "There was this whole burp in the news cycle in the United States about the U.S. government considering removing Canada from the Five Eyes alliance, which is probably bigger news than the average would realize."
Tom Uren [02:16]: "I think what is interesting here is that it's even considered. So it's probably fair to say that the Trump administration is not afraid of killing sacred cows."
Insights: Tom emphasizes the gravity of such a move, highlighting the Five Eyes as "the crown jewels" of intelligence partnerships. The discussion underscores that the alliance's strength lies in mutual trust and the unique contributions each member brings, such as Canada's strategic Arctic territories essential for early warning systems against nuclear ballistic missiles.
Implications: Patrick raises concerns about the broader fallout if Canada were expelled, suggesting it could undermine the alliance's cohesion and prompt other members to reassess their international partnerships. Tom concurs, viewing the consideration as a "warning shot" that signals the need for all Five Eyes members to contemplate contingency plans.
Key Discussion: The hosts explore the indispensable role that the Five Eyes alliance plays in global intelligence sharing, especially in regions critical to national security, such as Southeast Asia for Australia.
Notable Quotes:
Tom Uren [04:40]: "It's an ongoing relationship where everyone benefits more than you would being on your own."
Patrick [07:39]: "Five Eyes has been around 50 odd years... it's the best time to plant a tree is today."
Insights: Tom reflects on his experience with ASD (Australian Signals Directorate), illustrating the seamless collaboration with the NSA, which exceeded the efficiency of working with separate government departments. Patrick adds that replacing such a well-established alliance is unfeasible in the short term, emphasizing the necessity of nurturing regional cooperation and enhancing intelligence capabilities independently.
Strategic Considerations: The conversation highlights the challenges in replicating Five Eyes' effectiveness, given the U.S.'s pivotal role and resources. Both hosts agree on the importance of investing in regional intelligence partnerships to ensure resilience against potential disruptions in traditional alliances.
Key Discussion: Shifting focus, the episode examines Sweden's government's attempt to compel Signal, a popular encrypted messaging app, to incorporate surveillance capabilities. Signal’s steadfast refusal underscores the ongoing global debate over encryption and privacy.
Notable Quotes:
Tom Uren [14:45]: "It's a perfect encapsulation of the paradox around end-to-end encryption."
Patrick [19:28]: "This is the first time where we've seen a major change in a popular technology service being offered to a population of an entire country resulting from the issuance of a technical capability notice."
Insights: Tom points out that Sweden's approach is an anomaly, as most countries lack the geopolitical leverage to enforce such demands on tech companies. He contrasts this with the U.S., where political infighting stalls decisive action on encryption policy. Patrick further discusses the broader implications, noting that while the UK achieved partial success by compelling Apple to disable a specific data protection feature, the long-term effectiveness remains uncertain.
Encryption Debate: The hosts delve into the nuanced balance between national security and individual privacy, illustrating the complexities faced by governments worldwide. They acknowledge China's model, where state security clearly overrides personal privacy, leaving little room for debate—a stark contrast to the fragmented global stance on encryption.
Key Discussion: The conversation extends to the UK's recent legal maneuvers against Apple, seeking access to encrypted iCloud content. Apple's resistance led to the withdrawal of advanced data protection features in the UK, sparking debate over the true victory for law enforcement.
Notable Quotes:
Patrick [16:19]: "From the British perspective, that's still a win because they're still able to get a warrant for iCloud data."
Tom Uren [17:29]: "From the broader government perspective, it's not a win; it's not totally a cyber."
Insights: Patrick argues that while Apple’s withdrawal might appear as a tactical loss, it actually represents a strategic win for the UK by maintaining the ability to secure warrants. Tom, however, contends that the broader objectives of seamless enforcement were not fully achieved, rendering the outcome only partially successful.
Political Ramifications: The episode highlights the delicate interplay between technology companies and government regulations, suggesting that public indifference to Apple's concession may influence future negotiations. The hosts speculate on whether this incident signals a temporary shift or a lasting change in how governments and tech firms interact over encryption issues.
Key Discussion: Addressing the Chainalysis report, Patrick and Tom analyze the persistent vulnerabilities in the cryptocurrency ecosystem, especially concerning North Korean cyber thefts. Despite numerous sanctions and disruption efforts, North Korean hackers continue to operate with increasing efficiency.
Notable Quotes:
Tom Uren [20:47]: "The amount of value stolen just keeps on going up... they've got their laundering down to a pretty fine art."
Patrick [22:52]: "Chainalysis says that it's collaborated across the industry and has helped to freeze more than $40 million stolen in the Bybit hack. For those keeping count, that's only 1.46 billion to go."
Insights: The discussion reveals that North Korean cybercriminals are adept at evading sanctions, swiftly reconstituting operations under new aliases and utilizing sophisticated laundering techniques. Despite government efforts to clamp down, the decentralized and resilient nature of cryptocurrency enables continuous exploitation.
Chainalysis Report Highlights:
Future Outlook: Tom emphasizes the need for enhanced visibility and comprehensive tracking within the cryptocurrency supply chain to mitigate such sophisticated thefts. Patrick underscores the irreversible nature of cryptocurrency transactions once funds are stolen, contrasting it with traditional banking systems where funds can often be retrieved.
In this episode, Patrick and Tom Uren provide a thorough examination of critical cybersecurity issues, from the potential disintegration of the Five Eyes alliance to the intricate battles over encryption and the relentless challenges posed by cybercriminals in the cryptocurrency domain. Their insightful analysis underscores the evolving landscape of global cybersecurity and the imperative for robust, adaptable strategies to safeguard national and international security interests.
Listeners can find more detailed analyses and subscribe to the Risky Biz newsletter for ongoing updates on these and other pressing cybersecurity topics.