The dark web has been described as the internet’s “evil twin”, a haven for drugs, paedophiles and contract killings. But as Melbourne journalist Eileen Ormsby tells Good Weekend, it is a whole lot more than that.
What exactly is the dark web?
It’s like a parallel internet of sites that can’t be accessed through the world wide web.
We’ve all heard the news stories about the dark web being a cesspit for drug traffickers, hit men, sex traffickers and paedophiles. Why has it become the internet’s Wild West?
Because there’s no way of regulating it, and people can generally use it without the fear that they will be identified and caught (unless they make a silly mistake or a lot of resources are spent on finding them). It is truly anything goes, with no rules other than those imposed by the site owners themselves. The pure anonymity brings out different sides of people.
How can it be “purely” anonymous?
When people use the clear web – the one we use every day and access through Google – everything is recorded somewhere. IP addresses can be released and tracked, and any site hosting illegal material will soon be shut down by authorities. On the dark web, sites that are illegal can operate openly and brazenly, without any fear that the people behind them can be traced.
This is why you get the closed network or “darknet” markets that look exactly like eBay or Amazon and are almost as user-friendly. They are open to the masses, and anyone can go and browse through pictures of cocaine, heroin, arms, poisons, stolen identities and financial information, pop them into a basket and buy them at the checkout. Similarly, where there are deviant communities of people, they can communicate openly, without the worry that their IP addresses or identities will be unmasked.
How does the dark web’s most popular browser, Tor, preserve anonymity?
Basically, a network of volunteers’ computers bounces traffic around the globe, which prevents anyone conducting network surveillance or traffic analysis from being able to discern a user’s location or usage. Data gets encrypted at each bounce until it reaches its destination, where it is decrypted without the final destination being able to tell where it has come from.
What was your first impression of Tor when you downloaded it?
It took me only minutes to download the browser and it’s free. It’s not as glamorous-looking as I expected; many of the sites are very plain and slow. It can get down to old dial-up speeds.
You’ve spent the last five years investigating the dark web. What’s the big fascination?
It began for me with Silk Road, the dark web drugs bazaar set up in early 2011 that sold every drug imaginable. I knew several people who were using Silk Road – to buy marijuana, ecstasy and cocaine – but it was also much more than just a market to buy drugs.
I’m a strong advocate for drug law reform. I believe that prohibition, the “war on drugs”, is killing people. Silk Road seemed to offer a safer alternative to people who were going to buy drugs anyway, by providing harm-reduction advice and sellers who had public feedback – in much the same way as eBay or Amazon – which encouraged quality control. Silk Road had a philosophy of not selling anything “the purpose of which is to harm or defraud another person” and offered customers the opportunity to purchase drugs in a violence-free environment.
I didn’t agree with most of the extreme libertarianism of Silk Road, but some things resonated. I became an active member of the Silk Road community, engaging with the many characters who inhabited that world. From there I started my website, All Things Vice, which was mostly dark web-related news.
Transactions on the dark web have traditionally been via the electronic currency bitcoin, which is virtually untraceable.
Bitcoin was the original cryptocurrency of choice on the dark web, created in part as a response to the global financial crisis as a “f… you” to the banks. Neither the sender nor the receiver needed to know the identity of one another.
How does bitcoin work?
A customer finds someone who is selling bitcoin, which is perfectly legal. Once they agree to a price, the customer makes a cash deposit into the bitcoin seller’s account, and once that happens, the agreed amount of bitcoin is transferred into the digital address provided.
Do you see bitcoin becoming the major currency of the 21st century?
Maybe not bitcoin, but certainly cryptocurrency. Bitcoin itself has fallen victim to its own popularity over the past year, becoming slow and expensive to transfer because it was not designed to be so heavily used. However the technology that underpins it, the blockchain, is being developed in all kinds of legitimate ways and new cryptos are emerging daily. Most of them are scams or pump-and-dump schemes, but some have shown ongoing stability.
Many people say bitcoin will be the Myspace of cryptocurrency: the trailblazer, dominant in the early days, but eventually taken over by a superior kind of Facebook or Instagram.
Administrators of markets within the dark web are now experimenting with other currencies, such as monero and litecoin, which may become the currency of choice.
Silk Road was shut down in late 2013 by US authorities and its kingpins later jailed, but a huge amount of bitcoin went missing. You interviewed a Silk Road supplier called Mongoose in prison in Bangkok who had a theory …
Mongoose is probably “Variety Jones”, one of the original architects of Silk Road; he’s considered by many the brains behind the operation. After Silk Road was taken down by US authorities, they seized bitcoin worth several million dollars, but a lot of the currency couldn’t be accounted for: estimates ranged between 400,000 and 600,000 missing bitcoins. Ross Ulbricht (the owner of Silk Road) led a simple life in San Francisco; there’s no evidence he cashed out the bitcoins he amassed. Four-hundred-thousand bitcoins would be a gobsmacking $6 billion today; a single bitcoin was worth less than $1 when Silk Road started.
During the Silk Road investigation, two of the lead agents – one with the US Drug Enforcement Administration, the other with the Secret Service – were found to be corrupt, feeding Ross Ulbricht information in return for payment. These two are now serving prison sentences in the US. The defence team of Ulbricht unearthed an as-yet-unidentified third rogue law-enforcement agent.
Mongoose ran a tale that this rogue agent got it into his head that Mongoose knew how to extract the missing bitcoin from Ulbricht. He said the agent had threatened to kidnap Ulbricht’s family until he gave up the whereabouts of the bitcoin. However, Mongoose is a “colourful” character to say the least, and it’s difficult to separate fact from fantasy.
Did Silk Road have links with drug cartels?
The markets that came after it dwarfed Silk Road’s size in both the number of illegal goods for sale, and profits. That said, dark web transactions form a miniscule part of the worldwide drug trade. So far none of the owners of the sites who have been identified have had any obvious links to organised crime or cartels. Obviously, some of the drugs would originate from the cartels and it is likely some organised crime groups are on the dark web as vendors.
British model Chloe Ayling recently grabbed headlines after claiming she’d been kidnapped in Milan by two men who planned to auction her on the dark web. Since Ayling’s release, the truth of her story has been questioned by authorities. Do sex auctions really happen on the dark web?
While there is no doubt human traffickers use the dark web to communicate and conduct business, there is zero evidence of sites where public auctions of kidnapped Page 3 models take place.
Ayling’s captors were supposedly going to auction her on a site called Black Death. Is this real?
There is certainly a site called Black Death on the dark web, but I doubt you will receive a blonde in the mail if you send them bitcoin. Motherboard, an online magazine, published an article on Black Death a couple of years ago, and readers soon matched the photographs that were supposedly girls for sale with stills from BDSM movies on Pornhub.
What about hit men on sites like Besa Mafia, offering everything from a savage dog bite on a target to a fatal gunshot?
Hit-man services are a staple of the dark web. In my book I go through trying to hire one to kill a (fictional) ex-husband of mine. People tend to think of hit men as the suave, stealthy assassins we see in the movies, but often their advertisements are barely literate. Besa Mafia was different, offering a slick website interface and the proven techniques of the darknet markets of bringing buyers and sellers together. The idea was that the hit man and the person ordering the hit would never need to know each other’s identities, but mistakes get made. I attended a trial in Minnesota of someone who paid Besa Mafia $US13,000 to murder a devoutly religious wife and mother and there were a lot of twists and great detective work that went into unmasking her killer.
You were threatened by Besa Mafia.
After I started writing about Besa Mafia’s operations, the owner started bombarding me with threats: everything from hacking my computer and placing child porn on it, to sending one of his operatives to beat me up and rape me. He was fond of reminding me that I didn’t know who or where he was, but he knew who I was and where I lived. As I’m still standing, I can tell you my relationship with the potential hit man took an unexpected turn.
Is it fair to say that “white collar” crime – stolen credit cards, forgeries, stolen banking details – is increasing on the dark web?
I’m not sure I would consider it “white collar”, as it’s generally seen as one of the lowest classes of crime within the darknet markets. “Carders” are often treated with derision as common thieves. Silk Road didn’t allow the sale of anything designed to defraud others, so back in those days “carders” operated in completely separate markets.
More recent mass markets within the dark web allow such sales, but many drug buyers are uncomfortable sharing a place with them. There are fewer technical barriers to getting into carding now, so more people are doing it. Fake IDs have always, and will always, be a staple of any sort of crime, online or off.
Just when we might think some of the stories of the dark web may be sensationalised, we discover that British paedophile Matthew Falder has just been jailed for 32 years in the UK for crimes including encouraging child rape on the site Hurt 2 The Core. Police described the geophysics researcher as the worst sex offender they have encountered online.
Matthew Falder was caught as part of the multinational taskforce sting that brought down the dark web’s PedoEmpire network, which was run by Australian Matthew Graham. Hurt 2 The Core was a PedoEmpire site dedicated to sourcing, sharing and discussing all aspects of “hurtcore”. Hurtcore is a fetish for people who get aroused by the infliction of pain, or even torture, on another person who is not a willing participant.
Although it can apply to animals, adults or children, the hurtcore sites on the dark web tend to be almost exclusively a subset of the paedophile sites. It can be so sadistic that even most paedophiles are repulsed by it. Videos and photos generally come out of poverty-stricken countries, but the market is worldwide. Falder was unique in that he forced his victims to torture themselves rather than abuse them personally. He used the Hurt 2 The Core forums to crowd-source ideas for blackmailing his victims into increasingly humiliating and painful acts. These were the most difficult sections of the book to write.
It took up to 100 investigators four years to track and detain Falder, and he’s just one of possibly thousands of evil doers on the dark web. What does that say about its impenetrability?
The dark web creates a lot of problems for law enforcement because they can’t track users through the usual computer methods. They have to rely on old-fashioned detective work, trying to identify users through distinctive features in pictures and videos, or through social media.
The paedophilia scene adds a further layer of complexity because the vast majority of it is not commercial. With the drugs/weapons/fraud markets, there is a money (or cryptocurrency) trail to follow. Illegal porn tends to be made and shared among participants for free.
To get access to the most extreme sites, members have to provide original material depicting child abuse, so obviously law enforcement can’t participate in that. At best, they can hope to take over the account of someone they have busted, but even that can be short-lived as members have to constantly produce new material or be locked out.
Law enforcement has undertaken some very controversial methods, including running one of the largest paedophile sites in the world for more than a year in order to try to identify as many offenders as possible.
What is the biggest myth about the dark web?
The biggest myth by far is that it’s 10 times larger than the internet; this gets propagated by tabloid media all the time. It stems from a lot from people using the terms “deep web” and “dark web” interchangeably when they are different things. The deep web is just everything that you won’t reach using Google or any other search engines, such as the pages behind a pay wall or a password (your banking details, for example). The dark web makes up a tiny fraction of the deep web. A really, really tiny fraction. It’s infinitely smaller than the clear web.
As for myths of what can be found on the dark web, many people believe there is a further, deeper, darker section of the dark web, called Mariana’s Web or the Shadow Web, containing the greatest horrors. Snuff movies. Gladiator fights to the death. A collection of psychopaths who play demented games of conkers, swinging babies by their ankles to try to crush the skull of their opponent’s child. They’re all just creepy stories.
The most popular myth of all is “red rooms”, where people – usually women – are tortured to death live on camera while those who have paid to watch type in torture commands in a chat box. Think the movie Hostel, with webcams. There is some truth to this rumour, but the execution is not like you see in the movies. Most notably, because it involves children, not adults.
How big a problem is “doxxing” on the dark web: releasing someone’s personal data (address, phone number, email) to blackmail them?
To be honest, I’ve seen very little of this, in the way you describe it, on the dark web. It’s more common on the clear web. The greatest crime you can commit within a dark web community is the doxxing of somebody. Every illegal market or forum will remove any attempts to dox one of their users and ban the username that posts the information. It is considered the digital equivalent of ratting on someone to law enforcement. On the other hand, those same markets have no problem selling stolen personal information from hackers that will be used for financial gain.
Many people who use the dark web aren’t criminals. Whistleblowers, journalists and free-speech advocates can depend on it. Does the dark web have its place?
It most certainly does. The dark web is a useful tool for people who need privacy and secrecy: people living under oppressive regimes may use it to share views that oppose their government, or even just to access Facebook. Journalists can use it to safely confer with their sources; humanitarian workers can use it to meet and discuss their work. Whistleblowers can upload documents and data without any chance of it being digitally traced back to them. WikiLeaks is an example of an early adopter of Tor for whistleblowers.
There are those who believe the dark web is the future of the internet and that this will be a good thing because it will give us our privacy back. Our mobiles and PCs contain our entire life, information that is being heavily mined by everything from Facebook to the banks.
Most of us somewhat willingly give up our privacy for the convenience of cookies remembering our login details, or how much of a video we watched, or which sporting event we’ve been to recently. Everywhere we go online, we leave a digital footprint: of our browsing history, our purchases, our taste in clothes, our political affiliations, our physical location. We happily hand over detailed personal information to a company in the hope of getting a free latte when we walk past a coffee chain. We’ve given up our privacy for convenience, and that’s not always a good thing.
Social networks like Facebook and Twitter seem to be particularly vulnerable to hackers and evidence suggests the malware problem – malicious software that spreads viruses and Trojan horses – is growing.
Are you telling us we should be more worried about the clear web than the dark web?
Most people should be much more worried about the clear web. Especially with the amount of information we provide to social media both knowingly and unknowingly: we have pretty much entered a post-privacy world, where our online lives are tightly connected to our offline lives, with the result that our information is up for sale.