For example, public exchanges like Coinbase probably couldn't hide their cold wallets if they tried, since they transact so heavily. And that means anyone can see the inflows and outflows from them. That means you can often trace funds back to a given exchange, and then law enforcement can ask them for account information on who withdrew the given funds.
If there are multiple steps after that point or it was an anonymous account, the trail may run cold. But in the long run law enforcement has gotten pretty good at tracking criminals down. Since the ledger is permanent, it is usually just a matter of time before a criminal screws up and is caught. For example a hacker holding a fortune in bitcoin may gift a bit to a girlfriend years later, who uses it for an online service - triggering law enforcement that is automatically monitoring downstream TX to contact the online service, who traces it back to the girlfriend, who winds up in an interrogation cell, and then you have the SWAT raid an hour later.
That's the basic idea at any rate. As mentioned, there are many permutations and exceptions. Crypto is no more one-size-fits-all than in the global stock market.
What about non-hackers? People who have just held cryptocurrency since its beginning?