Curricula - Knowledge - Navigation

Policing the Dark Web

How to prosecute the invisible? The Deep Web provides almost ideal hideouts for criminal activities of all kinds. LEAs have to improve their approach in order to successfully tackle the issue.

Understanding and keeping up with developments of the World Wide Web is one thing, but tracing dynamics of the Dark Web becomes even more complex. Technological expertise and cooperation on the international level are indispensable prerequisites for establishing a robust approach in prosecuting and inhibiting cybercrime of the Dark Web.

The surface web which is easily accessible for all users is only the tip of the iceberg. Below this visible layer the so called Deep Web which is not accessible by Surface Web crawlers and browsers is located. It holds all kind of data such as medical and financial records, legal documents and organisation specific repositories, however, its breadth and depth are unknown. The so called Dark Web represents another layer which is only accessibly by certain browsers (e.g. TOR). It is known as an online space where information has been intentionally concealed and which allows users to surf anonymously. This opportunity attracts cyber-criminals from across the world who use this space for malicious activities such as drug trafficking, child sex abuse, proliferation and services fostering violent extremism and cybercrime.

A popular Dark Web site was an international online marketplace for illicit services and drugs called Silk Road. It held vendors from over ten countries around the world and goods and services that were purchased by more than 100,000 customers. [1] According to an estimation, Silk Road generated about $ 1.2 billion in sales between 2011 and 2013. The site was shut down in the meantime by the FBI. [2] It got obvious that Silk Road was only one of many illegal market places on the Dark Web. However, it also led to the question how law enforcement agencies should deal with the situation and if they have proper tools and knowledge to tackle illegal activities in the Dark Web.

Challenges for police

There are two main challenges which are essential at the moment for the success of poling the dark web:

  1. International dimension of crimes: Crimes on the Dark Web are global and thereby a strong and efficient exchange of information between law enforcement agencies across the world is necessary. In many cases this is extremely complicated based on different legislations and regulations.
  2. Technical dimension: Many cyber criminals on the Dark Web have sophisticated tech skills and spend a lot of time and money in staying anonymous. This means that also law enforcement agencies need highly professional and well-trained tech-savvy personnel to develop successful counter measures against cyber criminals. In addition it also needs awareness among policy makers with the government that understand the issue and dimension of the problem.
Needs for future policing

The project Media4SEC has identified a list of needs to improve future poling of the Dark Web based on an expert workshop that took place in Den Haag September 26th, 2017:

Knowledge and research needs Understanding and methods to disrupt the culture of trust of dark markets. Better understanding of the relation between dark market activities and terrorism, for example on the aspects of recruitment, publicity/ communication, propaganda of fear, money laundering and financing. Methods to link the digital and physical patterns of suspects with the aim to ultimately catch suspects ‘red-handed’, while acting on their computer on a dark market (cyber forensics research).

Tools and techs needs Tools for automatic collection/crawling, fusion and visualisation of data, with the particular goal to increase statistics (quantitative focus), relate the analysed data to physical world entities, de-anonymise, and provide a degree of trustworthiness for evidence of prosecution. In particular, tools to combine different types of evidence online (e.g., from clear-web, e.g., Reddit, and from dark-web, e.g., dark markets) with real-world evidence, e.g., envelopes, mailbox, licence plates. A central European repository for data, information and practices sharing across LEAs and a data lab for experimentation. Procurement of technological infrastructure to enhance interoperability between different organisations.

Education, capacity and expertise needs Education and training of LEA investigators at an international level on data analytics literacy. Commercial tools can provide short term solutions, but are often not flexible enough to the fast changing needs; additionally, public procurement procedures are often lengthy. Therefore, data analytics literacy and expertise building is needed directly by the LEAs. Ideally, LEAs in the future will be able to design, develop their own tools or at least closely collaborate in a team with developers. LEAs will need individuals who are both technologically and ‘streetwise’ literate. Capacity building at academic level on cyber and digital matters, to increase the pull of experts that will collaborate with LEAs.

Process, governance and culture-related needs Better coordinated actions between LEAs in different countries, and within the same country between different agencies. Simple mechanisms to facilitate sharing of investigation experiences and data analytics tools, for example through existing networks (Europol, ENLETS, EU Joint Research Centre). Teams based on different expertise across LEAs ‘silo’s’ and across different organisations (LEAs, academy, knowledge institutions, private sectors). Teams with a proactive approach to investigation. Fostering of a culture of intelligence and best-practices sharing, and of openness/flexibility to a fast pace of innovation. [3]

Aiming to accommodate named challenges and requirement, the European Horizon 2020 project TAKEDOWN (www.takedownproject.eu) is currently working on a web platform solution which provides LEAs as well as first line practitioners with relevant scientifically based but practical and easy-to-use information. Besides knowledge and research needs, also software solutions are showcased which can be applied by LEAs to improve their cyber-crime tackling strategies. Furthermore also educational resources will be provided to support law enforcement personnel and decision makers to understand latest trends and developments on the Dark Web.

Note: This article is based on Deliverable D2.5 of the MEDI@4SEC project co-funded by the Horizon 2020 Framework Programme of the European Union under the Grant Agreement Number 700281.

References

[1] Department of Justice, United States Attorney’s Office, “Ross Ulbricht, A/K/A “Dread Pirate Roberts,” Sentenced In Manhattan Federal Court To Life In Prison,” press release, May 29, 2015.

[2] Department of Justice, United States Attorney’s Office, “Manhattan U.S. Attorney Announces Seizure Of Additional $28 Million Worth Of Bitcoins Belonging To Ross William Ulbricht, Alleged Owner And Operator Of “Silk Road” Website,” press release, October 25, 2013.

[3] Oggero, S. ed. (2017). Media4sec. Workshop 3 Report. Policing the Dark Web. Deliverable 2.5. [online] Available at: http://media4sec.eu/downloads/d2-5.pdf

[2] Finklea, K. (2017). Dark Web. Congressional Research Service. [online] Available at: https://fas.org/sgp/crs/misc/R44101.pdf