Future Crimes
Page 29
For nearly three years, Dread Pirate Roberts operated the largest online criminal marketplace in the world, successfully attracting over 950,000 users to create accounts on Silk Road. But how could such a flagrant violation of the law operate for such an extended period of time without any productive police intervention? Simple, they had no idea how to stop it. Silk Road was not a standard Web site, readily accessible by typing www-something in a browser’s address bar. Rather, it operated in the digital underground, hidden away behind layers of secrecy enabled by specialized encryption and obfuscation software known as The Onion Router, or Tor for short (more on this later). Using the Tor software, all parties buying and selling illicit goods could remain anonymous, only identifying themselves via a chosen made-up screen name. To further protect users and their illegal activities, the only form of payment accepted on Silk Road was Bitcoin, a new type of electronic currency that allowed parties to exchange funds online with strong privacy protection.
Among those in the know, the frequent references to Silk Road as an eBay for drugs were incredibly apt. In keeping with the latest Crime, Inc. techniques, DPR instituted a robust online reputation system that allowed users to evaluate and trust one another prior to transacting. Yes, you can rate your drug dealer. Thus Basehead888 could see that DealioInThe312 had conducted over forty-six hundred cocaine sales and earned a 97 percent customer approval rating from his adoring cracked-out fans. Specific comments left by customers touted “how fast shipping was” or “how solid the stealth packaging was—no drug sniffa [sic] dog gonna find this!”
As time went on, the popularity and infamy of Silk Road grew, and before long nearly 600,000 private messages were being exchanged monthly between buyers and sellers. Eventually, the volume of traffic and transactions became more than DPR alone could handle. In response, the crime boss hired a small staff of system administrators who were paid $1,000 to $2,000 a month to help with the day-to-day operation of the site, including monitoring user activity for problems, performing customer service, and acting as a mediator when buyers and sellers were in dispute. Of course, the founder of the world’s largest underground illicit drug marketplace made significantly more than his employees, something his low-level system admins quickly realized. To right the perceived injustice of a low salary, one of the Silk Road employees began to embezzle from the company. As anybody who has ever watched Scarface, The Sopranos, or The Godfather could tell you, stealing from Mr. Big is never a good idea.
When Dread Pirate Roberts realized he was being ripped off, it was a betrayal he could not tolerate. In response, he reached out to one of the many professional assassins on his site and negotiated an $80,000 fee to have the employee whacked (50 percent due up front per the standard assassin code of conduct). DPR was so outraged by the lack of respect shown by his employee he provided specific instructions to the hit man to torture his soon-to-be-former system administrator prior to his death. DPR forwarded the assassin his employee’s address in Utah and agreed to pay the balance of the kill fee after photographic proof of the homicide was received. A few days later, the Silk Road CEO received the verification he had been seeking in the form of a JPEG photograph. Ever the man of his word, DPR wired the remaining $40,000 balance to the killer and even sent a thank-you note for the hit, lamenting in an encrypted e-mail, “I’m pissed I had to kill him … but what is done is done … I just can’t believe he was so stupid … I just wish more people had some integrity.” Yes, the founder of Silk Road, the world’s largest illicit marketplace, the man who had just ordered a hit on his own employee, was disturbed by the lack of integrity in this world.
But this wasn’t the only time Dread Pirate Roberts had ordered a hit on somebody who had crossed him. His exploits were an open secret in the digital underground, and even the U.S. Senate held hearings demanding police action. Of course, the FBI and others were already on the case and had completed more than a hundred undercover buys on the site. Before long, they were also on the trail of Silk Road’s godfather, the Internet entrepreneur-cum-murderous drug lord who started it all. The global manhunt for Dread Pirate Roberts eventually led the FBI’s Silk Road task force to the Glen Park branch of the San Francisco Public Library.
There, on a cool, sunny day in the fall of 2013, a man in his late twenties with brown wavy hair settled down with his laptop in the quiet of the science fiction section and began typing away as the surrounding patrons read their books and leafed through magazines. Suddenly the silence was broken when a young woman charged toward the young man screaming, “I’m so sick of you!” In an instant, she was upon him and grabbed the laptop right off the table. As he struggled to regain control of the computer, the fellow patrons at his table, rather than helping him, threw him up against the wall, allowing the strange woman to abscond with his most prized possession.
This was no random theft. Many of those masquerading bibliophiles had been patiently waiting for both this particular twentysomething and his laptop. As soon as the young man booted up and entered all the necessary passwords to decrypt the computer’s hard drive, the assailants pounced. The confrontation, however, was over in an instant, once the would-be thieves reached underneath their shirts and one by one revealed their hidden gold FBI badges. Stunned librarians, jaws agape, looked on as the young man with wavy brown hair was placed under arrest and taken to the Glenn Dyer Jail in Oakland for booking. Dread Pirate Roberts was no more.
Though DPR had worked hard to protect his identity by using Tor and Bitcoin to cover his tracks, he made a series of rookie operational mistakes that eventually led the Feds to his frequent log-ons at the San Francisco Public Library. According to a federal indictment, Dread Pirate Roberts was in fact Ross William Ulbricht, a twenty-nine-year-old from Texas who had moved to San Francisco a few years earlier.
The U.S. Attorney for the Southern District of New York charged Ulbricht, a.k.a. DPR, with a variety of offenses, including “conspiracy to commit narcotics trafficking, computer hacking, money laundering and running a criminal enterprise.” Oh yeah, Ulbricht was also charged with attempted murder and the “Use of Interstate Commerce Facilities in the Commission of Murder-for-Hire.” Turns out the professional hit man DPR thought he had hired was actually an undercover federal agent. Prosecutors have accused Ulbricht of ordering a total of five additional assassinations. When Ulbricht reportedly paid the sums demanded by the would-be assassin, the FBI knew he was dead serious and intervened to save those targeted. The Feds obtained the cooperation of all those who were to be “whacked” and took staged photographs of the alleged victims covered in fake blood and wearing the ashen face makeup of a dead body that they forwarded to DPR as the proof of killings he demanded.
Who was this criminal mastermind behind Silk Road? Not at all whom you would expect. Ross Ulbricht was the kind of kid any parent would be proud of, an Eagle Scout from Austin, Texas, who had earned a master’s degree in science and engineering. In grad school, Ulbricht eventually lost interest in science in favor of a new passion for libertarianism. He wrote on his LinkedIn profile that he now wished to “use economic theory to abolish the widespread and systemic use of force by institutions and government against mankind.” To that end, Dread Pirate Roberts was born, and the Internet’s Silk Road became the canvas on which he could test and perfect the limits of his free-market ideals. The result, much like the fictional Walter White of TV’s Breaking Bad fame, was the real-world story of a scientist who turns his passion for drugs and crypto anarchism into the world’s largest online purveyor of contraband ever known. In the process, our antihero also made money, lots and lots of money.
Like eBay, Silk Road charged a commission for every transaction, ranging from 8 to 15 percent depending on the size of the sale. Amazingly, according to the charges filed against Ulbricht, Silk Road processed more than $1.2 billion in transactions between February 2011 and July 2013 alone, netting its twenty-nine-year-old founder a cool $80 million in fees. Not bad for a two-year-old start-up. At the height
of its operation, according to a study published in the journal Addiction, nearly 20 percent of the drug users in the United States had purchased narcotics on Silk Road.
Ulbricht has pleaded not guilty to all charges, and his friends and family have all resoundingly declared him “such a nice guy,” even launching a crowdfunding campaign to help pay for his legal expenses (Bitcoin gladly accepted). The federal government, however, paints a much more troubling picture of Ulbricht in its indictment of him, that of a drug kingpin, cold-blooded killer, and mad criminal mastermind who completely reinvented the business model of Crime, Inc. Eagle Scout or villain, one thing is clear. Ulbricht, a.k.a. Dread Pirate Roberts, has now added yet another alias to his long list of names—that of inmate ULW981, confined to a cell twenty hours a day and facing life imprisonment. In the meantime, like a multiheaded Hydra, Silk Road, which was only ever briefly shut down, has roared back to life, under new management, flourishing and spreading across the vast expanses of the Dark Web that is the digital underground.
Passport to the Dark Web
In order for Dread Pirate Roberts’s criminal buyers and sellers to transact in his Silk Road marketplace, they first had to figure out how to get there. Just like the real world, you can’t simply knock on the door of any house on the block and expect to score a kilo of meth. The same holds true for the digital underground. You don’t get there by merely typing an address in your Firefox browser and hoping to be magically transported to the inner sanctum of Crime, Inc. Rather, you need a passport and a Sherpa to guide you. That journey begins with Tor—The Onion Router, a software tool that provides the closest thing to actual anonymity on the Internet.
Tor works by routing your Web connections through a worldwide array of five thousand computer servers in order to hide the source and destination of your connection. Without Tor, your online activities are easy to trace, and every time you visit sites like CNN or ESPN.com, you reveal your location and home network. Bad guys don’t like this; it makes them easy to catch. So instead, they obfuscate and route their traffic through services like Tor. This way, the cops can’t see that gangsters are selling AK-47s online using the Comcast server in Chicago (one mere subpoena away from identifying the Comcast customer assigned the Internet protocol address in question). Instead, any experienced hacker, let’s say in Moscow, will route his Internet traffic first through London, Cape Town, Tokyo, Austin, and Milan before popping out to attack a target in Manhattan. Doing so makes the proverbial “call” nearly impossible to trace.
While the Tor software client can be used to anonymously visit any common Web site such as Google, its true power lies in enabling connections to Tor’s hidden services—Web sites specifically configured to only receive inbound connections through the Tor network. Without the Tor software client, you simply cannot access the vast content available hidden away within The Onion Router network. With Tor’s hidden services, not only can the site visitor maintain privacy, but so too can any underground Web site visited. Rather than using a standard Web address such as Facebook.com, all of Tor’s hidden services have their own domain names, which end in an “onion” suffix. This system of dual anonymity allows both buyer and seller on Silk Road to transact by visiting a unique hidden domain (in the case of Silk Road, silkroadvb5piz3r.onion) without ever revealing their true identities to each other.
Though most people have never seen or used it, the Tor software is freely available for download via the Tor Web site, www.torproject.org. It can be installed in just a few minutes, and running the program stealthily transports users well off the beaten path of the mainstream global information grid. Oddly, Tor was originally created and funded as a project of the U.S. Naval Research Laboratory in 2004, with backing from the Electronic Frontier Foundation and the State Department as a means of helping overseas political dissidents and democracy activists safely organize and communicate with one another. There are any number of completely legitimate uses for Tor, and those behind the Great Firewalls of China, Iran, and elsewhere routinely depend on it to access everything from Facebook to the New York Times. Tor is also increasingly being used by journalists to securely communicate with sources and whistle-blowers, such as those within the WikiLeaks community.
While Tor might have been created for good, given its powerful ability to facilitate clandestine communication, it should come as no surprise that criminals have adopted the tool in droves, enabling the creation of services such as Silk Road. While precise numbers are hard to come by, a 2013 study of forty thousand hidden Tor sites found that nearly 50 percent were involved in illicit activities such as selling stolen credit cards, hacked accounts, weapons, drugs, and child pornography. Some security and law enforcement experts privately estimate that as much as 85 percent of Tor’s hidden services may be unlawful, with the rate of criminal adoption far outpacing that of privacy activists.
As of early 2014, the Tor software has been downloaded nearly 150 million times and is used by two million people daily. Assuming the more conservative figure of 50 percent illicit use, that means every day 300,000 criminals are getting up and going to work on the digital underground using Tor’s hidden services. According to Metcalfe’s law, the value of a telecommunications network is proportional to the square of the number of users connected to the system; as such, the threat from a fully networked and anonymous criminal workforce is profound.
Crime, Inc. may not be the only dark force using Tor to access hidden Web services. A number of reports have noted that al-Qaeda and its affiliates too leverage the secrecy and anonymity afforded by Tor’s encryption protocols to communicate, recruit new members, raise funds, spread propaganda, and even plan operations. After the former NSA contractor Edward Snowden leaked details of his agency’s vast communications interception capabilities, evidence emerged suggesting that numerous terrorist groups reevaluated their communications strategies and in numerous missives stressed the ongoing importance of online operational security to their members.
Organizations such as al-Qaeda in the Arabian Peninsula and Ansar al-Mujahideen have even produced training materials and YouTube videos encouraging their members to use Tor for all online activities.
Given Snowden’s revelations, as well as the widespread assaults on privacy previously noted, it is absolutely logical that ordinary citizens would turn to a powerful tool like Tor to maintain their online dignity, freedom, and human rights. That said, Tor’s hidden services have been thoroughly usurped by Crime, Inc., and the innovation they have and continue to unleash in the digital underground is mind-boggling for its size, scope, and scale.
A Journey into the Abyss
The Internet provides a delivery system for pathological states of mind.
PHILLIP ADAMS, AUSTRALIAN BROADCASTER AND AUTHOR
You thought you knew the Internet, but you don’t. You while away day after day watching videos on YouTube, posting status updates on Facebook, and shopping on Amazon, believing you are in a boundless online Garden of Eden, but you are not. From that very first time you ever ventured online, you’ve only ever really been visiting the surface Web. You’ve been trapped in a walled garden, one carefully manipulated and manicured just for you while those in the know have entered the Matrix, the other online world. This is the Internet most of us will never see. It goes by many names—the Deep Web, the Dark Net, the Secret Web, the digital underground, and the Invisible Internet, to name but a few. This is the shadow Internet, and Google definitely won’t take you there.
The Deep Web technically refers to those online information resources that search engines such as Google, Yahoo!, and Bing cannot index, because they are password protected, are behind paywalls, or require special software to access. Because the sophisticated Google Web crawler that searches for all Internet content has itself no ability to type, it can’t enter passwords, complete CAPTCHAs, or register for private sites and thus never catalogs vast swaths of the world’s information. Much of the Deep Web’s unindexed material lies in academic dat
abases such as LexisNexis or in topical data sets such as those held by the Patent Office or the Census Bureau. But beyond the mundane, there also lies much more salacious material.
Shockingly, the Deep Web is a massive five hundred times larger than the surface Web you use and search every day. While the Deep Web contains seventy-five hundred terabytes of information, the Googleable universe contains a paltry nineteen terabytes. According to a study published in Nature, Google captures no more than 16 percent of the surface Web and misses all of the Deep Web. As a result, when you search Google, you are only seeing 0.03 percent (one in three thousand pages) of the information that actually exists and would be available online if you knew how to get it. In other words, a Google search misses 99 percent of the World Wide Web’s data. Searching the Web today is akin to only fishing across the top two feet of the world’s vast oceans. Though you may catch something in your net, you are missing the monumental bounty available just below those two feet, down to the very depths of the seas. For the intrepid, there lies a digital equivalent of the Mariana Trench, a veritable undiscovered treasure trove of data just waiting to be explored.
But like a Russian matryoshka doll, nested within the Deep Web is another hidden world, a smaller but significant community where malicious actors unite in common purpose for ill. Welcome to the Dark Net, also called the Dark Web, a vast digital underground within the Deep Web where hackers, gangsters, terrorists, and pedophiles come to ply their trades. The Dark Net holds some of the greatest secrets the Internet has to offer, and like the back alleys and black market bazaars of any big city it is where criminals connect to conduct their illegal activities. The Dark Net uses encryption and peer-to-peer Internet relay channels specifically designed to hide the IP addresses of its users, thereby providing an anonymous, untraceable, and secure platform for Crime, Inc. to communicate and transact without fear of government or corporate interference.