Into the Hornet’s Nest
An Investigation of Crime on the Dark Web, and How to Stop It
The Deep Web has been a recurring topic of discussion for many people around the globe. It has recently garnered the attention of many groups, often with criminal intentions. The Deep Web is a section of the internet that is not catalogued by common search engines (Google, Bing etc.). This means that it is far easier to host content with the intention of remaining undetected by law enforcement. This content, along with the usage of special programs and a strong understanding of computer networking, allows any user to bypass their countries censors and strict cybersecurity laws. After conducting intensive research, I have changed my position regarding the value of anonymity on the deep web. The deep web is a bastion of illicit activity and remains a threat to public safety for many nations around the world and should be regulated and monitored to fullest extent. The deep web is undeniably dangerous to people all over the world, and although free speech is a valuable right, a platform that supports the disturbing content available on the dark web should not continue to exist.
With the right technical knowledge, anyone is able to host and view content on the deep web, regardless of its legality. The easiest and most effective way of getting into the deep web is to use a program called “Tor”. It was created by the U.S. Navy to “protect the military’s online communications. Increasing the number of people using Tor at any given time also increases the difficulty of tracking and monitoring users. Because of this, the creators made Tor’s software open-source, which means it is publicly available and easily accessible. Experts believe that in 2014 as many as two million individuals were using Tor at any time” (Biscontini). Tor is the perfect interface for accessing the deep web because it automatically encrypts every bit of data the user sends and receives, then sends those bits of data throughout the servers that Tor has running all around the globe. This level of security makes the user’s connection slower, but at the benefit of being virtually untraceable. This type of security is bundled with the fact that most, if not all of the purchases that are made on the deep web use Bitcoin. Bitcoin is a payment system that “involves electronic currency that is exchanged using open-source software. It is part of a category of digital currency called cryptocurrency. The currency is created and stored electronically, typically on computer hard drives and cell phones, and is protected from third parties by cryptography” (Mazzei). Experts believe that the deep web is growing exponentially and is already potentially hundreds of times bigger than the surface web (websites that can be accessed through search engines and web crawlers). While a clear majority of this content is unimportant data such as web archives, databases, and password protected websites, hidden within this content is a portion of the deep web affectionately coined the “Dark Web”. The Dark Web has been a growing source of concern for law enforcement groups worldwide for its notoriety as a stronghold for cybercrime. This includes drug trafficking, human trafficking, international terrorism, child pornography, and a wide array of illicit goods and services available on the black market. In order to combat the evasive methods criminals, use online, the FBI, NSA, and their international counterparts have all attempted to find new ways of stopping cybercrime and taking illegal content off the web. In the past decade authorities in multiple countries have tried to limit the powerful encryption technology through legislation, and are currently attempting to develop a method of identifying cyber criminals that use methods of hiding such as VPN’s (Virtual Private Networks), and the Tor browser.
The Dark Web is a hotspot for criminal activity simply because it protects the users from being caught while allowing anyone with a computer to safely and anonymously browse illegal markets and websites. One of the most despicable uses of the Dark Web is the hosting and viewing of child pornography. Since the rise of the internet FBI, NSA, and international law enforcement agencies such as Interpol have worked tirelessly to remove content depicting child sexual abuse in all forms. Intelligence agencies are becoming better at catching child predators, and pedophiles have retreated to the Dark Web in an attempt to better hide their identities and make it nearly impossible to get caught. Although it requires significant technical expertise to host illegal content without being easily identified, researchers claim that the number of Tor-hidden child abuse websites is increasing. In an article discussing the FBI’s investigation of these sites by Cyrus Farivar, writer for Ars Technica, discussed Sarah Lewis’s role with OnionScan. The data “shows that as of August 2016, there were 29 unique child porn related sites on Tor-hidden servers” (qtd. In Farivar). These websites are being visited in huge frequencies too. Studies that have been done on the Dark Web expose the shattering truth that a large majority of users that frequent privacy based browsers with criminal intentions are viewing child pornography. A study done by researchers at UNH reported intercepting 139,604 unique child pornography files uploaded to the Dark Web during a yearlong study (Wolak, Liberatore et al.). The fact that content is unique suggests that children are regularly being sexually exploited to creating new illicit materiel to host on Tor-Hidden Dark Web pages and this kind of terrible crime needs to be put to a stop as soon as possible.
Another, less widely known purpose of the Dark Web has recently come to the attention of authorities following a huge influx of terrorism websites on the surface web, terrorism recruitment. One counterterrorism expert, Michael Jacobson, goes in the detail about the history behind this development in a paper titled Terrorist Financing and the Internet. In this paper, he not only discusses where these terrorists have hosted these websites, but also why the internet has been so popular among jihadists. He states that this phenomenon began with Al-Qaeda, who “…increasingly relied on the Internet to spread its toxic message and drum up support throughout the world. While its use of the Internet for propaganda and recruiting purposes has received wide publicity, Al Qaeda has also utilized the Internet for a variety of other purposes, including terrorist financing…. A wide range of other terrorist groups, including Hamas, Lashkar e-Taiba, and Hizballah have also made extensive use of the Internet to raise and transfer needed funds to support their activities.” (Jacobson). Even more disturbing, of these sites were disguised as charities, raising money for “humanitarian purposes”. The most notable example of this is the Global Relief Foundation (GRF), the largest Islamic charity organization in the United States as of 2001. Following the September 11th attacks, the US government raided the charity and shut down all operations. A paper, written by Jacobson then goes on to claim that at one point GRF was reporting $5,000,000 in annual donations, all tax free as a nonprofit charity organization. As international agencies began cracking down on these front organizations, terrorist groups have resorted to setting up websites on the dark web. These websites utilize Bitcoin to raise funds, and are significantly more difficult to locate on the web. The Dark Web is also well known for being the host of massive online black markets, in which anyone with a computer and a P.O. box can be the recipient of a plethora of weapons, narcotics, fake I.D.’s, and other contraband. This opens an incredibly dangerous avenue for criminals, without authorities or intelligence agencies having any indication of danger. There is also notable reputation building around the underground drug market, accessible through the Tor browser. The online drug market produces a massive amount of capital, as it can provide virtually any substance imaginable- for a price. Per a Manhattan federal court, a homeland security agent was able to infiltrate one drug forum, becoming a paid member of the support staff. In ten months, he received over $32,000 in regular payments through Bitcoin (Owen, Savage). In one paper by freelance tech writer Jaikumar Vijayan, the connection between recent cyberattacks on retail corporations such as Target and the Dark Web market is discussed in detail. He mentions one market that had over a million stolen credit cards for sale, many of which originated in the Target hacking attack that occurred in 2013. Vijayan mentions that the market in question was surprisingly user friendly and well made, stating that “Rescator even included a search feature by ZIP code and location of the stores from which the cards were stolen…. It meant that Rescator was offering buyers a way to make same-state purchases using stolen cards without tripping typical fraud defenses where a financial institution might block transactions made from unfamiliar locations, especially after a major breach” (Vijayan). Markets are becoming quite advanced and increasingly accessible, with more of these sites appearing every year. For cyber criminals and hackers, the Dark Web and Tor markets signify a safe haven for the illicit sale of this stolen data. It is clear that the Tor browser is a host for a staggering variety of illicit goods and services. Through the extensive research done by law enforcement and thousands of internationally renowned technology experts, it is clear that Tor is a major platform for crimes, and likely contributes to death and suffering across the world.
There have been many recent cases of the FBI and other law enforcement agencies successfully breaching the security of Tor, allowing them to identify and arrest criminals. Each case was clearly a monumental undertaking, with the involved agencies utilizing methods on the forefront of computer and software engineering. There are numerous difficulties that law enforcement face today in catching criminals on the Dark Web, which can be seen case by case. One such case involves the 2015 bust of a massive child pornography hub hosted under the protection of the Tor browser. A recent Engadget article written by Jessica Conditt explains how the FBI was able to compromise the website at its source, commandeer the server, and deliver malware to thousands of users. The child abuse website had been under heavy monitoring by authorities since it opened; finally, being compromised when the man running it made a fatal error, revealing the IP address and subsequently the location of the server (Conditt). Authorities were able to seize the server hardware from a private hosting company and track down the suspected owner though his payment credentials. Cases such as this one clearly demonstrate the FBI’s desperate need for newer legislation that can give them the authority to act on criminals in possession of child pornography. The unfortunate truth that the FBI simply does not have a strong capability to breach the Tor browsers anonymity amplifies this desperation, as law enforcement must wait for the criminals to make an error before they can catch them. Tor is also suspected of being utilized in the recent terrorist attacks in France. There is an unprecedented amount of funds, intelligence, and manpower being allotted to the international counterterrorism effort, but law enforcement still has incredible difficulty detecting ‘lone wolf’ style attacks. Per a Toronto Globe article written in July 2016, experts worldwide agree that the largest terrorist threat now stems from individual, radicalized attackers. This is echoed by Gabriel Weimann, a communications professor from Haifa University, Israel. He states, “The real threat now comes from the single individual, the ‘lone wolf,’ living next door, radicalized on the Internet and plotting strikes in the dark… Behind every lone wolf, there’s a virtual [online] pack with which he has been in contact… They have been informed and inspired by others online, usually on websites connected to terrorist operations… Nobody is radicalized by himself” (Martin). Per a recent Motherboard article, French law enforcement has moved to “to block or forbid communications of the Tor network.” and to “Forbid free and shared wi-fi connections during a state of emergency” (Cox) To prevent terrorists from staying anonymous to spread propaganda and order more attacks. This is unfortunately most likely not a sustainable solution because terrorists can still access Tor from outside the country. One of the most well-known cases involving the Dark Web was the FBI’s successful location of the largest Dark Web drug marketplace, The Silk Road. The bust resulted in the arrest of the creator who had accumulated a net worth of over $28.5 million dollars, along with several other staff members. This is explained in-depth in a Newsweek Global article written by Nina Burleigh, who tells the story of Ross Ulbricht, an eagle scout with a master’s degree in materials science and engineering; turned international drug kingpin. The article describes his vision: “Ulbricht’s exchange was the logical extension of Craigslist or eBay or Uber, a company matching customers with providers and collecting a fee, although in this case the buyers weren’t seeking poodle ashtrays or a ride in a Prius. Silk Road matched drug sellers and drug users across the globe. If hailing a cab seems out of date, so too is walking around a city park hoping to score some weed.” (Burleigh). The web page became wildly popular, and soon became a major target for the FBI, NSA, and international law enforcement agencies. Ulbricht was arrested in late 2013, just over three years from the Silk Road’s launch. The prosecution was adamant in their claim that Ulbricht’s servers were located through a component of the website being improperly configured to operate over the Tor network. Greenberg and other tech experts are skeptical of the FBI’s accounts. The article goes into detail about the fundamental technical barriers that would prevent a data leak like the Silk Road’s from occurring. Some claim that the FBI likely got tipped off by the NSA, who would have operated without a warrant due to its nature as a clandestine agency. If this is the case then the FBI would have operated without proper jurisdiction, potentially allowing Ulbricht to get away with his crimes and tipping off other operators of Dark Web markets to the methods that law enforcement uses.
The cases mentioned above signal a single message that law enforcement and many experts agree on; the United States and other leading nations need to reevaluate legislation and methods used in fighting cybercrime. There are many ways that authorities can regulate the criminal activity on the Dark Web. Most of these techniques rely on clever ways to track down computers based on the mistakes that the criminals make. This is often the case with smaller scale operations, such as low level narcotic retailers. On many large-scale operations, such as the child pornography bust and Silk Road, however, the FBI’s methods come into question. Illegal web pages are heavily monitored, but in many cases legislation simply prevents the government from taking proper action to identify the location. Law enforcement officials often advocate the introduction of legislation that would give authorities more power to act on cybercrime. The US government has come rather far in this regard, passing the USAFreedom Act in 2015, a modified version of the Patriot Act. In a nutshell, the USAFreedom Act gives intelligence agencies and law enforcement renewed abilities to identify and prosecute criminals over the internet (Volpenhein, Grand). Other bills similar to the Freedom Act are under proposal in the United States and EU following several terrorist acts in Europe. A British news articles states that “MI5, GCHQ and the police say their capability to track terrorists and criminals is deteriorating because so much communication is now done online and across new platforms that existing powers do not cover. Privacy and civil liberty campaigners argue the bill is equally needed to open a debate on what snooping powers and levels of intrusion into private lives are appropriate” (McGoogan). Free speech activists are the main force acting against the passing of new legislation. In the wake of the Snowden leaks, people fear the government’s ability to monitor its citizens and act on suspected crime.
Although free speech activists and privacy enthusiasts relentlessly fight government authority to investigate criminal activity online more freely, it has become increasingly clear that law enforcement needs the ability to intervene. The Dark Web is a significant threat to national security and public safety for many nations around the world and should be regulated and monitored to the fullest extent. An online platform that hosts and encourages crimes such as drug trafficking, human trafficking, child pornography, weapons, murder-for-hire should not continue to exist in any capacity. Compromising on this matter is presently the best solution for ending the evil that exists throughout the web. The threats that exist on the Dark Web should be a national priority, and certainly should not be taken for granted.