Sign In

Communications of the ACM

ACM News

Fighting Crime on the Dark Web


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
An illustration of the segments of the World Wide Web: the surface web, Deep Web, and Dark Web.

The Dark Web, which is not indexed by search engines, tends to be a hub for online criminality.

Credit: Hacker Noon

Crime has always existed, but modern technologies are making it easier to commit—and harder to combat—serious offenses across borders.

A big reason for that is due to the Dark Web.

"The Dark Web" is the term used by law enforcement officials to describe a subset of the Internet, hidden from our normal browsing habits, where online crimes like drug trafficking proliferate. The Dark Web is not indexed by search engines, and users must access it with an anonymous browser. Customers communicate anonymously with Dark Web vendors over secure channels, then purchase illicit goods with cryptocurrencies. Thanks to its anonymity, the Dark Web tends to be a hub for online criminality.

In fact, research from Daniel Moore and Thomas Rid of King's College, London, found that 2,723 out of more than 5,200 live websites on the Dark Web could be classified with a high degree of confidence as being related to illicit content categories like arms dealing, drug trafficking, financial crime, illegitimate pornography, and even hitmen for hire.

Law enforcement has made some progress cracking down on illicit products and services being traded on the Dark Web. Since 2013, popular Dark Web marketplaces like Silk Road and Hansa have been shut down.

However, online crime moves fast. Plenty of Dark Web marketplaces still exist, and some Dark Web criminals have even turned to encrypted messaging apps like Telegram and WhatsApp to conduct business. The fast evolution of Dark Web crime often leaves law enforcement playing catch up.

"Aside from some small circles within the law enforcement community with higher resource availability, most enforcement activities are not heavily involved with this type of crime," says Michael Fabian, principal cybersecurity consultant at Synopsys' Software Integrity Group.

New battleground, new challenges

How do you combat crime that happens mostly anonymously and almost entirely online? Fabian, a former narcotics and vice detective, sees the fight as similar to the one against traditional crime, but with a few big complications.

"The method of communication is one thing—but carrying out the crime is quite another," he says. "Everything leaves a trail."

Law enforcement officials infiltrate Dark Web groups, marketplaces, and communication channels in the same manner they do physical criminal organizations. They then go through the same process of collecting evidence and building cases against criminals. These are still the most effective methods to nab criminals, says Fabian; they have just been adapted to the online world.

Informants often can be key to cracking online networks. Law enforcement also may rely on exploiting breaches in the operational security of online groups or marketplaces, says Fabian. Both methods were employed by the U.S. Federal Bureau of Investigation (FBI) to take down the Silk Road marketplace; an informant notified authorities of the threat posed by the site, according to WIRED, and the FBI took down the site briefly with a sustained distributed denial-of-service (DDoS) attack.

Dark Web crime takes place across borders in a mostly online environment, which presents unique challenges. "Legal jurisdiction, boundary politics, and direct attribution become problems for these investigations," says Fabian.

For instance, a drug dealer in the Netherlands could peddle product to American buyers over a marketplace housed on servers in China. To take down a single dealer or marketplace requires close coordination between the national law enforcement agencies of some or all countries involved, a type of coordination that is often difficult and messy.

"We were aiming to take down a big Dark market, and it was only after we spoke to our counterparts, we realized it was part of the same network," Nan van de Coevering, head of the Dark Web Team for the Netherlands national police, told World Politics Review in a report on Dark Web crime.

However, law enforcement is gaining some traction when it comes to cooperation.

In early 2018, the U.S. Department of Justice announced the formation of the Joint Criminal Opioid Darknet Enforcement (J-CODE) team, to curb online opioid sales happening over Dark Web networks. In mid-2018, the European Union Agency for Law Enforcement Cooperation (Europol) established a dedicated Dark Web team to take a "complete, coordinated approach" to Dark Web crime.

However, even closer coordination between agencies does not solve all the challenges that come with fighting crime on the Dark Web. In many cases, the evidence to implicate someone in Dark Web crime is encrypted and/or owned by the companies that sell apps, devices, and communication services. These apps, devices, and services are often sold with the promise of user privacy.

A high-profile example of how messy—and public—this issue can get was seen in 2017, when the FBI drew heat and a legal battle for trying to compel Apple to give up personal data from the phone of the San Bernardino shooter.

However, Fabian sees this as just one more obstacle in the ever-evolving war on crime.

"Private applications or other communication methods act as a facilitator of illicit behavior and another hurdle that law enforcement officials have to manage," says Fabian. "It's part of the evolutionary nature of crime."

Logan Kugler is a freelance technology writer based in Tampa, FL, USA. He has written for over 60 major publications.


 

No entries found