What Europe Can do to Catch Dark Web Criminals

In a celebratory tweet, Europol, the pan-European law enforcement organization, wrote after a meeting in May establishing a task force on the dark web that “the Dark Web is no longer a hiding place for criminals!” For good measure, they added a fist emoji to the tweet.

While a bit too optimistic for our taste, it's a very good sign. Europe is ready to get serious about fighting crime schemes hatched on the dark web, the infamous home of hackers, pedophiles, terrorists, and other undesirables. Representatives of 28 countries met in The Hague to discuss “how best countries can work together with Europol’s recently established dedicated dark web team, and pursue its aim of fighting crime on the dark web,” according to an EU press release.

According to the release, the meeting resulted in the creation of a dark web investigation team, which will “share information, provide operational support and expertise in different crime areas, and develop tools and approaches to conducting dark web investigations.”

While the press release emphasized the determination of EU countries to clean up the dark web, it was a bit short on detail. It's probably unrealistic to expect a press release announcing the establishment of the investigative unit to describe in depth the methods and tactics to be used, but it's a fact that tracking down criminals on the dark web is extremely difficult.

Exact numbers are very hard to come by, but sites that report on the dark web indicate that there are several hundred arrests made each year. Considering the size of the dark web – estimated to be nine times bigger than the surface web – and given the fact that much of it is dedicated to criminal activity, that could be considered a very small number.

It's the fluid nature of the dark web – the fact that it cannot be indexed or searched in the same way the surface web is, that all aspects of it are anonymous, that sites disappear as quickly as they appear – that makes tracking down criminals so difficult.

For example, it took authorities from five agencies half a year and countless resources to track down a longtime drug dealer on the dark web in a recent case last year, and they caught him only because of several mistakes he made, including traveling to a contest in Texas to show off his distinctive beard.

Relying on criminals' mistakes is not how Europol – or any other agency – will be able to back up that enthusiastic tweet. How then can they do so? The only way is to proactively search out dark web criminals, and establish patterns of behavior and links to activities on the surface web.

The only way to do that search is by utilizing specialized software and systems that can scan the dark web and collect this information. Part of that specialization is the requirement that systems be robust enough to scan dozens, if not hundreds of dark web sources and develop a profile that can be analyzed.

That analysis entails looking for connections and threads that can lead to the possible identity of cyber-criminals. For example, a thorough search of a dark web transactions can lead to the identity of a server where a dark web criminal converts cryptocurrency into regular money. Cyber-criminals eventually have to do that if they want to buy non-virtual products, or they could try to move the money into a bank account somewhere. The bottom line is that in many cases, criminals leave strong identifiers that help in the process of tracking them down – and a good analysis system will take advantage of that.

That kind of advanced analysis system can make those connections even in the wake of the advanced tools hackers use today - which makes it even harder than it has been to track them down.

Teams employing advanced analytics can more quickly and efficiently take advantage of investigations that have already been done in previous cases, which can provide insight into the patterns of behavior of hacking gangs, and help authorities track them down more efficiently.

The more the dark web is monitored, and the more its secrets are unearthed, the more its data can be analyzed - making it more likely that criminals will be caught, sooner rather than later.

Hackers aren't going anywhere; indeed, incident after incident shows that they are only getting more active, deploying more tools and more sophisticated tools. According to the EU’s own figures, more of that criminal activity than ever is taking place through the dark net.

Between them, the 28 countries involved in the program could make a huge difference in stamping out dark web crime – if they use their resources wisely. Let's hope that they do.

What’s Hot on Infosecurity Magazine?