Shedding Light On The Dark Web

Uploaded on 2016-08-03 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

 

Though online markets still account for a small share of illicit drug sales, they are growing fast, and changing drug-dealing as they grow. Sellers are competing on price and quality, and seeking to build reputable brands. 

Turnover has risen from an estimated $15m-17m in 2012 to $150m-180m in 2015. And the share of American drug-takers who have got high with the help of a website jumped from 8% in 2014 to 15% this year, according to the Global Drug Survey, an online study.

Online drug markets are part of the “dark web”: sites only accessible through browsers such as Tor, which route communications via several computers and layers of encryption, making them almost impossible for law enforcement to track. 

Buyers and sellers make contact using e-mail providers such as Sigaint, a secure dark-web service, and encryption software such as Pretty Good Privacy (PGP). They settle up in bitcoin, a digital currency that can be exchanged for the old-fashioned sort and that offers near-anonymity during a deal.

Almost all sales are via “crypto-markets”: dark websites that act as shop-fronts. These provide an escrow service, holding payments until customers agree to the bitcoin being released. Feedback systems like those on legitimate sites such as Amazon and eBay allow buyers to rate their purchases and to leave comments, helping other customers to choose a trustworthy supplier. 

The administrators take a 5-10% cut of each sale and set broad policy (for example, whether to allow the sale of guns). They pay moderators in bitcoin to run customer forums and handle complaints.

Once a deal is struck and payment is waiting in escrow, drugs are packed in a vacuum-sealed bag using latex gloves to avoid leaving fingerprints or traces of DNA, and dipped in bleach as a further precaution against leaving forensic traces. A label is printed (customs officials are suspicious of handwritten addresses on international packages). Smart sellers use several post offices, all far from their homes—and, preferably, not overlooked by CCTV cameras. 

Some offer to send empty packages to new customers, so they can check for signs of inspection. Smart buyers use the address of an inattentive or absent neighbour with an accessible postbox, and never sign for receipt. Judging by the reviews, around 90% of shipments get through.

Despite the elaborate precautions, until now crypto-markets have tended not to last long. The first, Silk Road, survived almost three years until the FBI tracked down its administrator, Ross Ulbricht, aka “Dread Pirate Roberts”. He is serving a life sentence for money-laundering, computer-hacking and conspiracy to sell narcotics. 

Its successor, Silk Road 2, lasted just a year before law-enforcement caught up with it. Buyers and sellers migrated to the next-biggest sites, Evolution and Agora. The former vanished in March 2015 with $12m-worth of customers’ bitcoin in an “exit scam”. Then Agora disappeared, claiming that it had to fix security flaws. The biggest still standing is Alphabay, though the recently opened fourth version of Silk Road could knock it off the top spot.

Economist

« Don’t Underestimate Virtual Reality
Half UK Employees Have No Cyber Security Training »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

BMC Software

BMC Software

BMC provide solutions for IT service management, Cloud management, IT workload automation, IT operations, and mainframe system management.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

ComTrue Technologies

ComTrue Technologies

ComTrue Technologies is a developer and provider of personal information protection and cyber security solutions and services.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

CASES.lu

CASES.lu

CASES.lu is a government-driven initiative offering awareness-raising, a web resource and other tools to assist SMEs concerning information security.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

Netsecurity AS

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

DeVry University - Cyber Security Degree

DeVry University - Cyber Security Degree

Explore the dynamic world of data protection with a hybrid or online cyber security degree specialization with DeVry's IT & Networking Bachelor's Degree.

Aigner Business Solutions

Aigner Business Solutions

Aigner Business Solutions GmbH is a specialist in IT-Security and Data Protection. Concise and focussed.

Nexon Asia Pacific

Nexon Asia Pacific

Nexon solutions include cloud infrastructure and services, unified communications, managed security services, business continuity, secured high-performance network and business applications.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.