The Criminal Code 2.0
How deregulation and diplomatic retreat are supercharging AI-powered cybercrime
Crime is going digital at unprecedented speed. But this transformation isn't just driven by criminal ingenuity- it's being actively accelerated by two converging policy choices that are reshaping the global security landscape. As the United States pursues aggressive AI deregulation while simultaneously undermining the international rules-based order, we're witnessing a perfect storm: criminals gain access to ever-more powerful tools while the collaborative frameworks needed to stop them crumble.
The result is a world where organized crime networks, cybercriminals, and state intelligence agencies exploit technological innovation faster than fragmented, increasingly isolated governments can respond. From AI-generated phishing campaigns to billion-dollar crypto heists, the rules of the underworld are being rewritten - algorithm by algorithm, wallet by wallet, and policy decision by policy decision.
The Deregulation Dividend: How Policy Creates Criminal Opportunity
The Trump administration's push to deregulate AI development -framed as unleashing American innovation and maintaining competitive advantage - has unintended consequences that extend far beyond Silicon Valley boardrooms. When safety protocols are weakened and oversight reduced, the same technologies that power legitimate businesses become more accessible to bad actors. Criminal organizations, many with resources rivaling small corporations, are quick to exploit these regulatory gaps.
Consider the evolution of fraud. Phishing emails used to be riddled with typos and broken grammar—telltale signs that helped users identify scams. No longer. With generative AI now widely available and increasingly unregulated, scams have become linguistically perfect, personalized, and virtually indistinguishable from legitimate communications. In 2024 alone, phishing attacks surged by 70%, with a malicious email detected every 42 seconds, according to cybersecurity firm SlashNext.
AI’s mimicry doesn’t end with text. Deepfake technology using hyper-realistic synthetic audio and video has entered the criminal arsenal. Fake job interviews, bogus virtual meetings, and impersonated CEOs are enabling financial scams, disinformation operations, and even recruitment traps for unwitting victims. In the United States, job-related scams involving AI nearly tripled between 2020 and 2024, with reported losses ballooning from $90 million to $500 million. The deregulatory environment makes these tools more accessible while reducing the oversight that might catch their misuse.
There are darker threats on the horizon. AI-powered malware, capable of learning and adapting in real-time, is emerging from cybercriminal forums and illicit marketplaces. These autonomous agents scan for vulnerabilities, dodge detection systems, and execute coordinated attacks, foreshadowing a world where hackers may only need to input a target and let the algorithm do the rest.
The Collaboration Crisis: How Diplomatic Retreat Enables Crime
AI deregulation hands criminals better tools, but an equally dangerous trend is dismantling the cooperative frameworks essential for fighting them. The Trump administration's broader reshaping of America's role in global governance - the deliberate weakening of multilateral institutions, withdrawal from international cooperation agreements, and systematic undermining of the "rules-based order" - is fragmenting the collaborative networks that once helped track and stop cross-border financial crimes.
This retreat matters profoundly because modern cybercrime is inherently international. Cryptocurrencies don't respect borders, and neither do the criminals who exploit them. These operations span multiple jurisdictions, making international cooperation not just helpful but essential. Yet just as criminals achieve unprecedented technological sophistication, the mechanisms for coordinated response are being deliberately weakened.
The scale of the problem is staggering. In 2024, Americans reported losing $9.3 billion to cryptocurrency scams, a sharp increase from $3.3 billion the year prior. Take the case of Xinbi Guarantee, a Chinese-language platform legally registered in Colorado. From 2022 onward, it facilitated more than $8.4 billion in suspicious transactions, offering fake escrow services, selling stolen data, and enabling North Korean hackers to launder their loot through Telegram-based deals. Such operations succeeded partly because the international cooperation needed to track them across borders required improvement even before Mr. Trump took office, but now law enforcement faces a double challenge: the growing sophistication of these criminal networks combined with a deliberate stepping away from the very cooperative frameworks that made dealing with such threats possible.
State-sponsored operations have grown even bolder. North Korea's Lazarus Group looted $1.5 billion from ByBit, a major crypto exchange, in early 2025, according to U.S. intelligence officials. The funds were allegedly funneled into weapons development and proxy networks, bypassing sanctions through a maze of digital wallets and mixers. These heists exploit not just technological vulnerabilities but also the growing gaps in international coordination as diplomatic cooperation deteriorates.
The Compound Effect: When Weak Oversight Meets Weak Cooperation
The intersection of AI deregulation and diplomatic retreat creates a compound effect that dramatically advantages criminals. As oversight of AI development weakens, cybercrime-as-a-service platforms have democratized access to high-end criminal tools. For a fee, even novice criminals can rent AI bots to phish, defraud, and blackmail. Some marketplaces now offer bundled services: phishing kits, deepfake engines, and crypto laundering pipelines, complete with customer support.
When AI and crypto collide under this weakened oversight regime, the consequences are doubly insidious. Scammers use AI-generated personas—complete with deepfake avatars and social media footprints—to establish trust with victims, who are then conned into transferring cryptocurrency. Once sent, those funds vanish into anonymized blockchain wallets, rarely to be recovered.
Meanwhile, decentralized finance (DeFi) and crypto mixers like Tornado Cash, although used for privacy by some, are increasingly leveraged by criminals to obscure transaction trails. The fragmentation of regulation across jurisdictions only worsens the problem: one country's banned platform is another's business-as-usual. And as multilateral frameworks for harmonizing regulations deteriorate, these regulatory arbitrage opportunities multiply exponentially.
Fighting Back with Fewer Tools: Law Enforcement's Uphill Battle
Law enforcement isn't standing still amid this technological arms race. Agencies are deploying AI and machine learning to scan blockchain transactions, identify suspicious wallet activity, and detect fraud patterns across multiple platforms. Tech companies are joining the fight: Google has rolled out a AI-powered scam detection feature in its Messages app that analyzes nearly 2 billion messages per month and alerts users to suspected crypto scams.
Yet these efforts, however innovative, face a structural handicap. Historically, police forces around the world collaborated through multilateral frameworks, shared intelligence through established channels, and coordinated responses to transnational crime. Today, as these "rules-based order" institutions are systematically undermined - viewed as constraints on American sovereignty rather than tools for mutual security - the collaborative infrastructure for fighting cybercrime is deteriorating precisely when it's needed most.
The irony is stark. Europol and Interpol have developed sophisticated blockchain analysis tools. The U.S. Department of Justice has expanded its National Cryptocurrency Enforcement Team. But these efforts are increasingly isolated, like individual musicians trying to perform a symphony from separate concert halls. Without the diplomatic and institutional frameworks that enabled seamless international cooperation, even well-resourced law enforcement agencies find themselves playing regulatory whack-a-mole against criminal networks that exploit jurisdictional arbitrage with the skill of seasoned tax attorneys.
Most agencies remain underfunded and understaffed relative to the speed and sophistication of tech-enabled crime. The challenge grows exponentially harder as traditional alliance structures fray and multilateral cooperation is viewed with suspicion rather than necessity. Crime doesn't require diplomatic clearance; crime-fighting increasingly does.
Code Versus Control in a Fractured World
Governments are scrambling to respond, though with diminishing coordination. Brussels has its Markets in Crypto-Assets regulation taking full effect in 2025, promising standardised rules for exchanges and stablecoin issuers. America's Treasury Department talks of mandatory know-your-customer rules across decentralised finance protocols. Yet these efforts, however well-intentioned, resemble regulatory whack-a-mole in a world where the mallet keeps shrinking.
Without the international frameworks that harmonise such initiatives, these measures risk becoming mere regulatory islands in an ocean of opportunistic arbitrage. Criminal networks, always quick to spot weaknesses, are shopping for the most permissive jurisdictions with the enthusiasm of tax-avoiding multinational corporations. The difference is that criminals are rather better at it.
The fundamental paradox is stark: fighting borderless crime requires borderless cooperation, yet borders - regulatory, diplomatic, institutional - are proliferating. Crime doesn't require visas; crime-fighting increasingly does. In dismantling the multilateral institutions that once enabled seamless law enforcement collaboration, policymakers have handed criminals a tactical advantage just as those criminals acquire unprecedented technological firepower.
This is not merely a technological problem that will solve itself through innovation. It is the predictable consequence of deliberate choices: deregulation over security, sovereignty over cooperation, nationalism over collective action. The timing could scarcely be worse. As algorithms grow more capable and anonymising technologies such as cryptocurrencies more sophisticated, the very institutions designed to contain their misuse are being systematically weakened.
The era of anonymous criminals hiding behind avatars and wallet hashes was never going to end easily. In a fractured world where law enforcement agencies operate in increasing isolation, it may not end at all. The code is getting smarter. The control mechanisms are getting dumber. And that's not an accident - it's a choice.
SecDev is a next-generation consultancy operating at the intersection of geopolitical, digital, urban, energy, and cyber risk. Our mission is to deliver high-quality, data-driven advice and solutions powered by seamlessly integrated human and artificial intelligence.