From an outsider’s perspective, law enforcement agencies’ efforts seem to be paying off.
Their successes have included:
- Infiltrating Tor to unmask visitors to a child sex abuse site.
- Employing undercover police, malware and/or clever technology to take down what was once one of the top markets for illicit drugs and other contraband and services, Silk Road. The FBI didn’t foil Tor to get at Silk Road just once, mind you: it took it down multiple times. The site’s reboot, Silk Road 2.0, was taken down after a successful, 6-month attack on Tor.
- Using Deep Web access and cataloging tools from the Defense Advanced Research Projects Agency (DARPA) to track down sex traffickers for about a year before the tools, called Memex, were even revealed.
Attempts to map the Dark Web have only turned up about 7,000 hidden sites but it’s the seriousness of the crimes it masks, rather than its size, that make it so intensely interesting to law enforcement agencies.
To that end, INTERPOL’s Cyber Research Lab recently concluded its first-ever training session to help police identify the methods and strategies used by organized crime networks and individuals to avoid detection in the web’s dark corners.
The five-day training course, which wrapped up on 31 July, was held in Singapore and was attended by officers from Australia, Finland, France, Ghana, Hong Kong, Indonesia, Japan, Netherlands, Singapore, Sri Lanka and Sweden.
INTERPOL said in a release that its Cyber Labs created its own private ‘Dark’ network, private cryptocurrency and simulated marketplace, recreating the virtual underground environment used by criminals to avoid detection.
Then, participants dove into the dark: they role-played as vendors, buyers and administrators to improve their understanding of the technical infrastructure of services hidden by Tor, the structure of illicit marketplaces, and cryptocurrencies.
Exercises also included live law enforcement takedowns of the simulated market places.
Madan Oberoi, INTERPOL’s Director of Cyber Innovation and Outreach unit, said that if police forces are going to keep an eye on organized crime, these are the skills they’ll have to learn:
Darknets are fast emerging as the preferred trading venue for organized crime networks and individuals to carry out illicit activities, with cryptocurrencies the preferred medium for paying for these criminal services.
The course, co-developed by INTERPOL and the Netherlands Organisation for Applied Scientific Research (TNO), also included the concept of penetration testing marketplaces on a Darknet infrastructure to determine whether a system is vulnerable to attack.
INTERPOL’s planning a second course, scheduled for November in Brussels.
The second course will provide a separate training event designed for senior law enforcement officers in order to raise awareness of these new threat areas at all policing levels, INTERPOL said.
With only about 7,000 active sites to share between them, it may well seem like all the undercover cops from so many different countries might be stumbling into each other.
But bear in mind that this is a shifty place we’re talking about.
Staffan Truvé, CTO of Recorded Future, a threat intelligence company headquartered in Boston, US, has been mapping the Darknet, pulling information from the places on the normal, indexed internet where users talk about the Dark Web and direct each other to specific hidden sites.
Granted, while he’s found that many parts aren’t all that hard to find or visualize, mapping this land still entails tracking a fast-moving target: some 10% of sites posted on Pastebin are deleted within 48 hours.
That makes sense, given that most are set up temporarily by criminals to point to illegal services before quickly being deleted.
That means that police not only have to know how to navigate in the dark; they also have to figure out how to do it nimbly if they want to catch up with these fast, elusive crooks, and, hopefully, avoid bumping into each other too much as they do.
Composite image of webs and woman working in courtesy of Shutterstock.