Penetrating the Dark Web


The Federal Bureau of Investigation this month claimed a huge victory in its pursuit of cybercrime, when it shuttered Silk Road—an online marketplace offering everything from heroin to the services of hackers and hit men.

Whether this indicates the FBI's increasing prowess in the effort to curb criminal activity in the vast, uncharted area that specialists call the “Dark Web,” or whether the feds just got lucky, remains to be seen.

But the case also highlights the need for law enforcement to ensure that its data-tracking abilities keep up with the growing sophistication of the cyber underworld.

On October 2, federal prosecutors charged Ross William Ulbricht, 29, with three conspiracy counts related to narcotics trafficking, computer hacking and money laundering.

Ulbricht, who was nabbed at a public library in San Francisco, was the alleged mastermind behind Silk Road, which the FBI called in a criminal complaint “the most sophisticated and extensive criminal marketplace on the Internet today.”

According to the complaint, the site generated about $1.2 billion in sales and roughly $80 million in commissions since its launch in 2011. The FBI said Ulbricht operated Silk Road under the nickname Dread Pirate Roberts, using an online network to remain anonymous while receiving payment through Bitcoins, a form of digital money.

Detective Work

Investigators tracked Ulbricht through old-fashioned detective work—finding leads through mistakes he made, such as using his true e-mail address in some communications.

But such slip-ups are unlikely to be the norm as Dark Web operators become more sophisticated, according to Tyson Johnson, a certified fraud examiner and vice president of business development for BrightPlanet Corporation.

The data-harvesting and analysis company is based in Sioux Falls, SD, but Johnson works from a corporate office in Ontario, Canada.

“Traditionally, law enforcement has counted on the fact that the criminals will screw up,” says Johnson, whose company has worked with the U.S. Department of Defense, as well as law enforcement and the private sector.

“We are getting much better at spending time and energy tracking data. [But] we have to rethink the traditional investigative model of using the surface Web. How do we achieve the same outcomes in the Dark Web space?”

Earlier this year, FBI Director Robert Mueller said that denial of service attacks, network intrusions and hackers can compromise national security—a growing threat that requires the FBI to strengthen its partnerships and share intelligence with other government agencies and private industry.

In the area of corporate fraud alone, there has been a significant surge over the past year in thefts of assets or stock, data, and trade secrets, according to the 2013 Kroll Global Fraud Report, released this month.

Data Fraud Growing

Overall, fraud affected 70 percent of companies surveyed worldwide, up from 61 percent the previous year. Sixty-six percent of companies surveyed in the U.S. were affected by one fraud last year, according to Kroll.

One notable data theft occurred from LexisNexis Inc. and Dun & Bradstreet, according to security journalist Brian Krebs, a Washington Post veteran who runs the site

Krebs found that an identity-theft service called used hackers to obtain Social Security numbers, birth records and other personal information from the database giants, which was later sold on underground cybercrime forums.

Cybercrime remains one of the Department of Justice's top priorities, according to Jenny Durkan, who chairs the Cybercrime and Intellectual Property Enforcement Subcommittee of the Attorney General's Advisory Committee.

“The range of threats and the challenges they present for law enforcement expand just as rapidly as technology evolves,” Durkan, who is U.S. Attorney for the Western District of Washington, wrote in a statement posted on the Department of Justice Offices of the U.S. Attorneys website.

Among those challenges are the size, the anonymity and the technological savvy of Dark Web operators.

What a layperson considers the Internet is what data experts and criminals call the “Surface Web,” the Web sites and information tracked through search engines such as Google, Yahoo! and Bing.

“The reality is, the Surface Web is exponentially smaller than the wealth of data in Deep Web,” says BrightPlanet's Johnson.

The Deep Web is like an ocean of information compared to the Surface Web's shoreline. It can contain vast chunks of data, such as sources of government grants, and is accessible only through a directed query.

In the Shadows

The Dark Web, as its name implies, is a shadier entity within the Deep Web. It is ripe for exchanging narcotics, child pornography, stolen credit cards, weapons and unauthorized leaks of sensitive information.

“It's a nebulous place where criminals can domain-jump and hide their tracks,” Johnson said. “Sites that were there yesterday are bouncing to new URLs today.”

Dark Web pages are designed to be concealed, accessible only through a virtual private network such as Tor.

Originally developed for the U.S. Naval Research Laboratory to protect government communications, Tor bounces a person's Internet usage around a series of relays, preventing other sites from learning that person's location.

Not all the usage is suspicious, notes Tor's Web site, adding that its users include the military, law enforcement agencies, businesses, journalists, activists, whistleblowers and people seeking online privacy.

A person's activity now can be scattered beyond a simple hard drive.

“It's a dropbox here, a laptop there, a smartphone,” Johnson said.

Companies such as BrightPlanet aim to assist law enforcement and private companies through technology that enables them to monitor certain keywords, users and locations automatically, both in the Deep Web and even on specific sites such as Twitter.

Such technology has tracked mentions of counterfeit pharmaceuticals and identified credible threats to public events.

For instance, investigators monitored social-media content in May using a “Deep Web Intel Silo”; they unearthed photos of guns and what they considered a viable threat of violence at the St. Mary's Polish Country Fair in Orchard Lake Village, a Detroit suburb, according to BrightPlanet and news reports. A teenager was charged with domestic terrorism. .

Harvesting this data on a daily basis is a “force multiplier” for agencies, who can comb through red flags to allocate their resources effectively, Johnson said.

It also raises additional legal issues.

FTC Complaints

The Electronic Privacy Information Center has filed FTC complaints against Facebook, for instance, saying that the social-networking site allows developers of third-party applications to maintain user information indefinitely.

Craigslist is one site that lists in its Terms of Service that the collection of its users’ personal information, including email and IP addresses, is not allowed for any purpose.

The debate over the privacy of a person's physical self and his or her digital self means that investigators may need search warrants before reviewing certain social-media outlets, Johnson said.

“We have to pay attention to what we can legally harvest,” he said.

Paul Bresson, an FBI spokesman in Washington, told The Crime Report that he could not discuss the “proactive” techniques used to thwart criminal activity on the Web, but he added, “We do discuss these things routinely in law enforcement circles.”

In the meantime, as others swarm to fill the vacuum left by Silk Road's closing, their desire for anonymity may be trumped by greed. “These groups want to be mainstream enough that people can find them online, but they also want to cover their tracks,” Johnson said.

“These guys know that if they want to sell to a bigger audience, at some point in time, they love to be findable.”

Valerie Kalfrin is a free-lance journalist who specializes in crime and public safety issues, based in the Tampa, FL area. She's written for The Tampa Tribune, and, among others. Her reporting honors include two first place “Excellence in Public Safety” awards from the Florida Press Club. She welcomes comments from readers.

Comments are closed.