Blog
07.21.2017

Dark web markets' shutdown may lead to more arrests

Search Security, July 21, 2017; Atiq Raza comments on recent undercover tactics to track dark web criminals

This summer, the FBI and Drug Enforcement Agency led the largest dark web market takedown in US history, shutting down AlphaBay and Hansa, which included over 40,000 illegal vendors and 200,000 customers. As gratifying as that is, the reality is also that the means and methods involved in finding and capturing these dark web markets are themselves on the dark side, which raises some ethical questions. Once it discovers such dark web markets, law enforcement is frequently placed in the position of keeping them running for lengths of time in order to gain more intelligence and information before blowing the whistle. For example in this case, law enforcement secretly controlled Hansa for many weeks before shutting down AlphaBay in order to maximize gathering users’ information as they were migrating over to Hansa. Of course, while that was happening, illegal transactions continued as well.

Atiq Raza, CEO of Virsec Systems Inc., based in San Jose, Calif., reflects on the tactic, saying it was a "smart and practical move" for law enforcement to gather information from the Hansa market. "While these sites seem like centralized businesses, they really just connect thousands of independent criminal enterprises that can easily do business elsewhere. The only chance of this being effective is to go after the endpoints -- not just shutting down the hub," Raza told SearchSecurity. "Any undercover investigation has to deal with this ethical fine line. Having said that, one hopes that the focus of temporarily running these sites was to identify users, not facilitate transactions."

Chasing down dark web criminals is a continual, complex effort

It’s an irreconcilable dilemma and there’s also concern on the flip side.  Once a large dark web market is closed down, the vendors typically move on to smaller dark web markets or start new ones. And the more information that’s gathered, the greater the chance that the next dark web markets that sprout (and they will and already are because that’s what they do), can actually contribute to the next rounds getting bigger and being even more difficult to take down. It’s a vicious cycle.

So far though, as of the end of August, according to Search Security in their 8/28 article Study, dark web vendors taking precautions after AlphaBay and Hansa takedowns, fewer cyber criminals have moved to a new platform in the last couple of months. And, a good portion of them – 54 percent – that migrated to a new, similar dark web marketplace, Dream Market, didn’t attempt to change their names to avoid discovery. Only 14 percent changed their username (per TNO, Dutch research institute). Their rationale for not changing such obvious information is the need to retain their clientele, history, track record and such. But the dangerous and high stakes labyrinth of moves and countermoves continues.

Read full Dark Web Markets’ Shutdown article

 

Read full Dark Web Vendors Taking Precautions article