The various anonymity features of dark web platforms have deceived a host of users into believing in its invincibility as far as law enforcement is concerned. It is no surprise that many cybercriminals still operate within the darknet economy with a mentality that they are beyond the long arm of the law.
In reality, government authorities across the world have continually launched and executed successful anti-darknet operations that have cracked some of the most sophisticated criminal rings on the planet.
This article will shed some light into some of the ways that have been used, and continue to be employed, by law enforcement agencies in the identification and eventual prosecution o dark web user – most of whom happen to be drug dealers, weapon traffickers, child sex abuse operatives and scammers.
Surveillance on the Postal System
The fact that darknet systems have grown in scale and sophistication is common knowledge. Still, most dark web vendors depend on postal systems to distribute products to clients – an aspect that law enforcement agencies have noted with great concern.
Indeed, darknet drug dealers, for example, have been known to us stealth packaging to conceal banned substances to be passed through the postal system without detection by custom officials. It is for this reason that the police have identified national postal systems as probable value chain points to be used in criminal identification.
Take the example of the 2012 case of a Silk Road drug dealer whose girlfriend’s activities were picked up by law enforcement agents through post office surveillance. It turned out that the interception of heroin packages and the individual’s license plate number is what led to the successful identification.
Use of Undercover Law Enforcement Agents
While anonymity tools have been of great blessing to darknet users, vendors and buyers within dark web platforms are limited as far as the identification of transactional interlocutors is concerned.
Law enforcement agents have succeeded in exploiting this problem to pose as sellers and buyers of illicit goods and services with the sole intention of destroying entire dark web marketplaces. Importantly, such operations usually end up in the arrest of buyers, sellers and administrators associated with these underground sites.
Sometime in the year 2017, Dutch authorities used an underground operation to take control of the now-defunct Hansa market – leading to the platform’s eventual shut down and the apprehension of two of its operators in Germany.
Further, it was reported that the underground operation saw law enforcement agencies in the Netherlands and Australia make keynote arrests of Hansa users within the separate jurisdictions.
Digging through Data
Almost all law enforcement operations lead to arrests that present investigators with a plethora of data to help in unmasking the full scale of suspected illicit darknet operations. When a darknet vendor is arrested or a dark web marketplace shut down, authorities have always used the resultant data to nab other darknet users.
The exploitation of such leads can be seen in a number of anti-darknet cases such as that of German darknet seller “Shiny Flakes”. In the 2015 case that was considered to be the biggest darknet crime trial at the time, authorities discovered the spreadsheet of drug orders that the now-incarcerated drug dealer kept. The data was used by the police to track down drug buyers.
In addition, we can recall that Ross Ulbricht’s real identity was uncovered after investigators came across his personal information – after the now-jailed Silk Road founder came across an advert made by Ulbricht on a Bitcoin forum using his personal email address.
Tracking the Money
Cryptocurrencies have become central to the darknet economy due to their pseudo-anonymous nature across transactions. Consequently, Homeland Security Investigations (HSI) created a taskforce charged with operations to “follow the money” in order to catch up with money launderers who use crypto.
A good example about how HSI tracks down money launderers can be drawn from the high profile case involving HSI Special Agent Matthew Larsen and David Burchard. An investigation into the suspect’s darknet exploits was established after Burchard had sold millions of dollars in crypto to an unlicensed crypto exchange.
Then, law enforcement agents suspected that their target was involved in the illicit drug business and sought to track down his real business. Eventually, the transactions were traced back to his illicit activities on the Silk Road dark web marketplace.
Cyber techniques have been used by law enforcement agencies to identify darknet users. Hacking involves bypassing TOR’s features to attack an endpoint – to expose the real identities of suspected dark web users.
Arguably, hacking stands to be a highly effective considering the scale of success a police operation can achieve as far as unmasking computer systems and IP addresses are concerned – as in the child sex abuse case in which the FBI hacked Playpen using a hacking tool known as Network Investigative Technique (NIT). The founder was arrested and sentenced to thirty years in prison.