Cryptomarkets: illicit goods on the darknet
6 Nov 2014|

Dark Silk WebIn October 2013 the FBI was celebrating the arrest of Ross Ulbricht, aka ‘The Dread Pirate Roberts’ and the takedown of his online marketplace ‘Silk Road’. He was believed to have amassed in the region of US$80 million from Silk Road where people bought a range of goods both legal and illegal 0n the ‘darknet’, a part of the Deep Web, where contents are not accessible through traditional search engines such as Google, and—importantly—anonymity prevails. Obviously the illegal buying and selling of drugs, exploit-software kits, credit-card details, and fake identification, as well as a host of other illegal goods are what drew the FBI’s attention. Yet despite the closure of Silk Road the past year has produced a larger problem in its wake, a diversification of cryptomarkets which are expanding to meet the demand of an ever-increasing clientele.

In some respects the growth in cryptomarkets is as much to do with the publicity that followed the shuttering of Silk Road as it is to do with mimicking the growth of e-commerce in general. True, convenience, product choice, price and peer review play as much of a role in illegal markets now as they do in legal online marketplaces such as eBay and Amazon. In July 2014, the BBC reported that listings of illegal drugs online on the darknet had more than doubled from where they were less than a year previously. In October 2013 there were 18,174 drug listings across four major markets, by 31 July 2014 there were 43,175 across 23 markets. Three of the largest markets are Silk Road 2.0 (largely based on its predecessor), Agora and Evolution, each of which all have more listings than the original Silk Road did at the time of its demise.

Those three markets all ban child pornography, but their other principles are more negotiable. Silk Road 2.0 focuses on drugs, while Agora sells weapons too. The fastest growing of all is Evolution which has the loosest restrictions and advertises guns, stolen credit card data, medical information, and fake IDs. Still, those are not the most malicious parts of the darknet, and there are genuine concerns that it provides a haven for dealing in child pornography, contract killings, human trafficking, terrorism and the selling of state secrets.

The key to those activities is the relative anonymity that users have when accessing the darknet, via browsers such as The Onion Router (TOR), known by this name due to the layers of encryption that surround and obscure the data being passed back and forth when it is used. The genesis of TOR was the research of three US Naval Research Laboratory scientists—in 2011 the US Government still supplied 60% of its funding—and Google supports the non-profit organisation that administers it. There are plenty of reasons why the US Government would fund such a tool: the military and intelligence agencies could use it for covert communications, for example, or the police could use it to receive anonymous tips, and investigate illegal online activities without alerting the targets. Of interest to a range of Western governments, it has provided an avenue for dissidents and journalists in authoritarian regimes to speak out and communicate with others outside of their borders.

Yet the anonymity to browse illegal goods when combined with the growth in cryptocurrencies which allow relative anonymity to pay for those goods make for a tricky problem for law enforcement agencies. Bitcoin has been the most notable of those currencies, but is now becoming passé. New currencies such as Zerocash (which claims to be a privacy-preserving version of its predecessor) are increasing the headache for hi-tech crime units around the world.

As evidenced by the Silk Road takedown, the police have a real problem on their hands—as soon as they shut down these markets they reappear in another place. In February 2014 the Dutch and German police shut down a similar website on the darknet as part of an investigation into online criminal activities. The Utopia website had been used to trade drugs, stolen credit cards and weapons as well as a host of other illegal goods. The site itself had only been up and running for nine days, but within that time there had been some 13,000 listings, many offering global postage services—an indicator of just how popular these types of sites have become.

The message from the Dutch was a clear one: individuals using the TOR browser and the darknet are not ‘untouchable’. Law-enforcement efforts are improving as more technologically-savvy individuals are recruited by the agencies involved. International linkages between law-enforcement agencies are getting better, as is sharing of knowledge and best practice. The agencies face a steep learning curve. Most crimes now involve some kind of cyber component, and those involved in investigating them are increasingly called upon to master the skills and operating environment they find in cyberspace.

Tobias Feakin is a senior analyst at ASPI and director of ASPI’s International Cyber Policy Centre. Image courtesy of Flickr user The AutoMotovated Cyclist.