What Is Selling On the Dark Net?

Spying on the digital underground requires discrete and technically capable police and Germany's Federal Criminal Police Office (BKA) has presented a new study on cybercrime, although they do not intend to shut the darknet down.

Coming as it did after the announcement that a teenager who killed 9 people in July before turning his gun on himself had purchased the weapon on the darknet, media interest was huge when the German Federal Police Office (BKA) presented its 2015 cybercrime report recently.

The illegal trading platform is a semi hidden part of the Internet where those in the known can use special search engines to move in total anonymity - well, almost total.

"The Internet is not a space that is beyond criminal prosecution," BKA boss Holger Munch said several times on Wednesday 13th Sept. in a briefing about the report's findings. It was in part a hopeful invocation.

About 140 BKA investigators are currently tasked with tracking cybercrime, and Münch told DW that the darknet was their main focus. At the moment, the BKA is conducting 85 criminal investigations into the sale of arms and explosives on the darknet, Münch said.

He estimated that the number of weapons sold on the darknet still pales in comparison with commerce on the analog black market, but perhaps not for long. "Very dangerous weapons are being sold there," Münch said, adding that cybercrime is "still a growing phenomenon."

"Here and there it has even become an industry," Münch said.

'A growing phenomenon'

Though impressive, the BKA's statistics do not reflect the complexity of cybercrime. For 2015, the agency documented 45,000 cases of cybercrime that can be directly linked to Germany, for a total value of 40 million euros. Global cybercrime stastics are much higher. And then there are the victims who don't report offenses - and those who do not know that a cybercrime has occurred.

Münch cited a 2015 study by the German Institute for Economic Research (DIW). Using to a broad-based survey, DIW experts estimated that the financial damage from the four largest areas of internet crime - phishing, identity theft, fraudulent goods and services, and malware - totaled 3.4 billion euros.

The BKA boss said detectives were confronting the threat with a "combination of investigative approaches from the analog and digital worlds," with information technology experts and police detectives working side-by-side at the BKA. Undercover investigators are operating in the virtual world, and in the real world they are attempting to coerce people active in the scene to work as informants.

Münch said the BKA had had a number of investigative successes, including closing down five illegal darknet trading platforms in Germany last year. Internationally, Münch said, the BKA was involved in closing down 30 further darknet marketplaces and had gathered evidence for cases against their operators, dealers and customers.

According to The Economist, the darknet's vendors overwhelmingly deal in drugs, which are generally sold at much higher prices than on the street, although they are also of higher quality. Goods are paid for anonymously using the cryptocurrency bitcoin and are then shipped to purchasers - sometimes even via regular post.

Also traded are counterfeit money, credit card data, knockoff branded goods and, as the attack in Munich made clear, weapons.

Other Cybercrimes

The BKA report detailed a growing number of cases of blackmail using special malware known as ransomware. Such software can be purchased by criminals, even those who have few technical skills, on forums in the digital underground. Once installed on unwitting users' computers, commonly via infected files, ransomware automatically encrypts all of the data on the device, forcing victims to pay bitcoin ransoms to restore access to their information.

As the digital world slowly becomes a center of commerce through Industry 4.0, the Internet of Things, criminals are increasingly finding new opportunities for digital attacks. Münch said gaming consoles and even refrigerators had been targeted by denial-of-service attacks, which can make devices unusable until, once again, a digital ransom is paid.

Despite the potential for abuses, the darknet fulfills an important function for people who live under oppressive regimes: It enables the exchange of information and freedom of expression. In those places, law enforcement polices ideas in the way that the German authorities chase cybercriminals.

"We have to be flexible and react as quickly as the perpetrators," Holger Münch said. "We have to work together nationally and internationally. And we have to be on top of our game technically and tactically."

Deutsche Welle

You Might Also Read: 

German Police Catch Suspect in Global Cyber Crime Operation:

International Police Start Crackdown On The Darknet:

Interpol is Training Police to Fight DarkNet Crime:

 

« A Global Issue: Cybercrime In Singapore
Banks Join Forces to Fight CyberCrime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CERT.br

CERT.br

The Brazilian national Computer Emergency Response Team

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

Privitar

Privitar

Privitar is leading the development and adoption of privacy engineering technology enabling our customers to innovate and leverage data with an uncompromising approach to data privacy.

Hexatrust

Hexatrust

The HEXATRUST club was founded by a group of French SMEs that are complementary players with expertise in information security systems, cybersecurity, cloud confidence and digital trust.

Maximus Consulting (MX)

Maximus Consulting (MX)

Maximus designs and delivers corporate-wide information security management system with our full-time IRCA Accredited consulting team.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

GAVS Technologies

GAVS Technologies

GAVS is a global IT services provider with focus on AI-led Managed Services and Digital Transformation.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Chainlink

Chainlink

Chainlink expands the capability of smart contracts by enabling access to real-world data and systems without sacrificing the security and reliability guarantees inherent to blockchain technology.

Mobileum

Mobileum

Mobileum is a leading provider of Telecom analytics for roaming, security and risk management and end-to-end domestic and roaming testing solutions.

Cyber Legion

Cyber Legion

Cyber Legion Ltd is a UK-based Cyber Security as a Service (CSaaS) start-up that provides IT security testing services to various organizations around the globe.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Oak9

Oak9

Oak9's Security as Code platform dynamically secures Infrastructure as Code (IaC) and deployed cloud workloads, automatically.