Last month, a jury convicted Ross Ulbricht as the ringleader of the notorious Silk Road website. The largest online black market until it was shut down by the federal government in 2013, Silk Road was the poster child of the so-called “Deep Web” and was best known as a platform for selling illegal drugs. Meanwhile, DARPA recently revealed on 60 Minutes that it is developing a new search engine (Memex) that aims to make it easier for law enforcement and government to track illegal activity on the Deep Web. So what exactly is the Deep Web?
Like an iceberg, the vast majority of the Internet is obscured from easy view. This unindexed section of the Internet is dubbed “the Deep Web.” Experts agree that it is impossible to accurately gauge the exact size and scope of the Deep Web, but some dare to put the figure at hundreds of times the size of the visible or “surface” Internet. While most of this content is innocuous, more and more criminal activity is moving away from the light of day and into the shadowy corners.
Accessing the Deep Web requires specialized knowledge and tools, as well as an anonymity network to guarantee privacy protection for users. Tor is an example of such a vehicle. Developed by the U.S. Navy more than ten years ago, Tor (The Onion Router) was designed to prevent browsing activity from being traced back to the user. Silk Road was operated as a Tor hidden service, enabling users to browse it anonymously and securely.
In addition to the skill and infrastructure needed to access a Deep Web presence, black market operators generally take additional security measures to ensure that their sites are not found and shut down by the authorities, and that users’ identities are protected. These measures may include hosting sites on bullet-proof servers, where the host agrees not to reveal information about the people using the platform, regardless of the circumstances.
The underground markets have long been gathering points for hackers wanting to buy and sell information while enjoying anonymity and escrow services from operators. These markets continue to grow more sophisticated every day, and are developing into a “supply chain” for all kinds of illegal activities, where each party within the chain specializes in its unique piece of a nefarious puzzle.
For example, hackers who are skilled enough to breach a network and extract information may not have the interest or the resources to then use those credentials to steal actual funds. Instead, they are increasingly finding it more profitable to go into the Deep Web and find a buyer for the information (credit card numbers, Social Security Numbers, other personal data) and sell it to them.
Today, the Deep Web has evolved into an immense information-sharing tool that is making it easier for criminals to do their job more thoroughly. For example, someone may purchase your Social Security Number from one data broker. Then, in order to buy a car under your name, they may need to know information such as your physical and email addresses, phone numbers, current and past career history, and answers to security questions. Putting the information together from multiple data brokers (typically from multiple breaches) can provide these criminals with a comprehensive, credible dossier that makes it far easier to impersonate someone.
The recent evolution of the Deep Web has allowed fraud to become increasingly commoditized and easier to do, simply because there are many ways to monetize the fraud process itself. As it continues to mature, we expect to see increasingly sophisticated fraud based on the ability to mine the Deep Web for a variety of information. The DARPA Memex project is a great first step in leveling the playing field. But it will take a coordinated effort between government and the private sector to catch up to the very large lead that the hacker community has been building.
Daniel Ingevaldson is Chief Technology Officer of Easy Solutions.