Dark Web No Longer a Safe Haven for Crooks

Print Friendly, PDF & Email

In this special guest feature, Ran Geva, CEO of Webhose, discusses how big data is not only aiding law enforcement in traditional ways like identifying areas of risk and helping to create patrol patterns to prevent street crimes, but to identify and seek out anonymous criminals in the dark web. Ran is a serial entrepreneur with over two decades of hands-on experience in software development and leadership positions. After founding Omgili, a search engine for online discussions, and co-founding Buzzilla, one of the top web monitoring and analysis companies in Israel, he went on to co-found Webhose.io – a leading global provider of structured web data, where he serves as CEO and lead technologist.

The Dark Web, the underground version of the Internet that has long since become the haven of cyber-criminals, credit card scammers, drug dealers, and even pedophiles, may yet hold valuable information critical to unmasking the identity of perpetrators of these crimes. And while the dark web is ostensibly anonymous, given the right information there are strategies law enforcement can employ to piece together the identities of criminals hiding in the dark web– mainly by tracking and analyzing their activities using big data technology.

The dark web, of course, is the part of the Internet that does not connect to standard DNS servers, and thus cannot be reached via standard web browsers; instead, users connect to it via the Tor router. As a result, these sites are not traceable using the normal tools used to track “surface” web sites (DNS traces, IP address look-ups, etc.) – making them attractive to bad actors who, for obvious reasons, want to hide their identity. While many people are using the dark web for totally legitimate reasons, it also hosts numerous sites proffering drugs, guns, “extreme” pornography (pedophilia, bestiality, etc.), and, of course, data on victims of credit card fraud and identity theft. This is where you go to buy real credit card numbers, or even fake social security numbers – which, as authorities have recently discovered, can be used to pull off online thefts.

Finding the sites that offer these wares is difficult; it requires specialized tools that only a few companies specialize in, and far fewer when you add the dark web to that equation. Those that do, however, work with a wide range of organizations – law enforcement, banks, credit agencies, and corporate brands – to gather data on what is being offered.

One way to do this, for example, is via the payment system almost all these sites use – crypto-currencies, such as Bitcoin. An illegal arms seller, for example, will ask clients to send a crypto payment to a dark web address that is connected to a crypto wallet. Ostensibly, all that data is anonymous – and untraceable. However, the go to way for obtaining Bitcoins is using government-issued currency via online exchanges such as Coinbase, paid via credit card – which, of course, is quite traceable.

The transactions, of course, are registered on the blockchain, and thus are visible to everyone. And while the blockchain and the wallets are anonymous, the credit card, check, or other online transaction that enabled either party to register on a crypto-exchange, or to buy a crypto-coin, are not. That data is fair game for investigators – and using advanced big data collection and analysis techniques, it’s possible today for investigators to pinpoint either or both parties to a transaction, for example by tracing the purchase of a crypto-coin deposited in a wallet, and from there analyzing and comparing the data to blockchain transactions – amount crypto-currency purchased, date, etc.

The same system is being used in the private sector as well; banks whose credit card accounts have been hacked into, with personal information on victims peddled online, will employ a dark web search firm to locate and acquire data about the sites that are selling the data, and investigators working on their behalf will begin tracing the buyers and sellers of the that data via their online surface web activities. That the purchaser of a credit card number will use it on the WWW is almost a sure thing; Amazon, eBay, and the other online retail giants don’t have dark web sales sites. Although they may have an edge for now, dark web cyber-crooks are beginning to look over their shoulders as big data collection and analysis gets better – and investigators get better at tracking them down.


Sign up for the free insideBIGDATA newsletter.

Speak Your Mind