The nation state isn’t going to know which bitcoins their agent stole... the agent can take both data and bitcoin. No one will talk about the bitcoin to the outside world.
Do you think offensive black hats employed by governments aren't closely monitored by their employers?
It doesn't matter whether the attacker works for China, Russia, the US, whoever – they are likely sitting in a very secure building owned by a military branch or intelligence agency, absolutely everything they do is closely monitored by their superiors (spy agencies love to spy on their own spies), they aren't allowed to take personal electronic devices into the building and they are physically searched on entry and exit.
Do you think, working in that kind of environment, they'll find it easy to steal their target's bitcoin?
Do you think their superiors will look kindly on agents compromising operations for personal financial gain?
Two facts about that case which don't help your argument (1) the US Secret Service is not an intelligence agency, it is a law enforcement agency – US intelligence agencies are the members of the https://en.wikipedia.org/wiki/United_States_Intelligence_Com... – and the US Secret Service doesn't engage in offensive hacking against foreign targets (that's primarily a CIA and NSA responsibility); (2) he got caught
Didn't we hear stories about people in three letter agencies spying on their neighbours, girlfriends etc? If they let that pass then who's to say they wouldn't just look the other way on the BTC.
Three Letter Agencies don't approve of that kind of behaviour and will discipline employees caught doing it. The fact we've heard about it is because those doing it got caught. Indeed, talking about the US in particular, many of those stories originate in an unclassified letter the NSA Inspector-General sent to Senator Chuck Grassley back in 2013, which the Senator released to the public – the fact that the Inspector-General knew about the cases means those people got caught somehow.
Some complain that the Three Letter Agencies are too soft on the perpetrators – a reprimand, a demotion/paycut, a forced resignation, or termination instead of criminal prosecution – but going soft isn't the same thing as approval. (Also, the agencies themselves don't have authority to prosecute, the most they can do is send a referral to the prosecutor but it is up to the prosecutor to decide whether to proceed.) Given how much emphasis those agencies put on staff reliability, getting caught doing stuff like that is a pretty serious career-limiting move.
I reckon those agencies – and the prosecutors too – care a lot more about employees stealing bitcoin from targets than they do about employees spying on their neighbours or love interests. Bureaucrats always care about money; and thefts are more straightforward cases to prosecute than LOVEINT.
