What Is Selling On the Dark Net?

Spying on the digital underground requires discrete and technically capable police and Germany's Federal Criminal Police Office (BKA) has presented a new study on cybercrime, although they do not intend to shut the darknet down.

Coming as it did after the announcement that a teenager who killed 9 people in July before turning his gun on himself had purchased the weapon on the darknet, media interest was huge when the German Federal Police Office (BKA) presented its 2015 cybercrime report recently.

The illegal trading platform is a semi hidden part of the Internet where those in the known can use special search engines to move in total anonymity - well, almost total.

"The Internet is not a space that is beyond criminal prosecution," BKA boss Holger Munch said several times on Wednesday 13th Sept. in a briefing about the report's findings. It was in part a hopeful invocation.

About 140 BKA investigators are currently tasked with tracking cybercrime, and Münch told DW that the darknet was their main focus. At the moment, the BKA is conducting 85 criminal investigations into the sale of arms and explosives on the darknet, Münch said.

He estimated that the number of weapons sold on the darknet still pales in comparison with commerce on the analog black market, but perhaps not for long. "Very dangerous weapons are being sold there," Münch said, adding that cybercrime is "still a growing phenomenon."

"Here and there it has even become an industry," Münch said.

'A growing phenomenon'

Though impressive, the BKA's statistics do not reflect the complexity of cybercrime. For 2015, the agency documented 45,000 cases of cybercrime that can be directly linked to Germany, for a total value of 40 million euros. Global cybercrime stastics are much higher. And then there are the victims who don't report offenses - and those who do not know that a cybercrime has occurred.

Münch cited a 2015 study by the German Institute for Economic Research (DIW). Using to a broad-based survey, DIW experts estimated that the financial damage from the four largest areas of internet crime - phishing, identity theft, fraudulent goods and services, and malware - totaled 3.4 billion euros.

The BKA boss said detectives were confronting the threat with a "combination of investigative approaches from the analog and digital worlds," with information technology experts and police detectives working side-by-side at the BKA. Undercover investigators are operating in the virtual world, and in the real world they are attempting to coerce people active in the scene to work as informants.

Münch said the BKA had had a number of investigative successes, including closing down five illegal darknet trading platforms in Germany last year. Internationally, Münch said, the BKA was involved in closing down 30 further darknet marketplaces and had gathered evidence for cases against their operators, dealers and customers.

According to The Economist, the darknet's vendors overwhelmingly deal in drugs, which are generally sold at much higher prices than on the street, although they are also of higher quality. Goods are paid for anonymously using the cryptocurrency bitcoin and are then shipped to purchasers - sometimes even via regular post.

Also traded are counterfeit money, credit card data, knockoff branded goods and, as the attack in Munich made clear, weapons.

Other Cybercrimes

The BKA report detailed a growing number of cases of blackmail using special malware known as ransomware. Such software can be purchased by criminals, even those who have few technical skills, on forums in the digital underground. Once installed on unwitting users' computers, commonly via infected files, ransomware automatically encrypts all of the data on the device, forcing victims to pay bitcoin ransoms to restore access to their information.

As the digital world slowly becomes a center of commerce through Industry 4.0, the Internet of Things, criminals are increasingly finding new opportunities for digital attacks. Münch said gaming consoles and even refrigerators had been targeted by denial-of-service attacks, which can make devices unusable until, once again, a digital ransom is paid.

Despite the potential for abuses, the darknet fulfills an important function for people who live under oppressive regimes: It enables the exchange of information and freedom of expression. In those places, law enforcement polices ideas in the way that the German authorities chase cybercriminals.

"We have to be flexible and react as quickly as the perpetrators," Holger Münch said. "We have to work together nationally and internationally. And we have to be on top of our game technically and tactically."

Deutsche Welle

You Might Also Read: 

German Police Catch Suspect in Global Cyber Crime Operation:

International Police Start Crackdown On The Darknet:

Interpol is Training Police to Fight DarkNet Crime:

 

« A Global Issue: Cybercrime In Singapore
Banks Join Forces to Fight CyberCrime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

KayHut

KayHut

KayHut is a young, innovative company engaged in cyber research and security solutions.

Subex

Subex

Subex leverages its award-winning telecom analytics solutions in areas such as Revenue Assurance, Fraud Management, Asset Assurance and Partner Management, and IoT Security.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

A3Sec

A3Sec

A3Sec provides professional solutions in the areas of Cybersecurity, Device Monitoring, Business Intelligence and Big Data.

At-Bay

At-Bay

At-Bay is the world’s first InsurSec provider designed from the ground up to help businesses tackle cyber risk head on.

Institute of Informatics and Telematics (IIT)

Institute of Informatics and Telematics (IIT)

IIT carries out activities of research, assessment, technology transfer and training in the field of Information and Communication Technologies and of Computational Sciences.

Civic Technologies

Civic Technologies

Civic’s Secure Identity Platform (SIP) uses a verified identity for multi-factor authentication on web and mobile apps without the need for usernames or passwords.

Dutch Innovation Park

Dutch Innovation Park

Dutch Innovation Park in Zoetermeer is a breeding ground for applied IT solutions in the field of cyber security, e-health, smart mobility and big data.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

DataViper

DataViper

DataViper is a threat intelligence platform designed for organizations, investigators, and law enforcement.

CAPSLOCK

CAPSLOCK

CAPSLOCK delivers career-changing cyber training to help adults re-skill. Learn online to become a cyber security professional and pay no tuition until you land a high-paying job.

CloudCover

CloudCover

CloudCover is a software-defined cybersecurity risk solution that provides risk awareness, risk analytics, and data security in real time.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Positiwise Software Pvt Ltd

Positiwise Software Pvt Ltd

Positiwise Software offers end-to-end software development solutions to accelerate the digital growth of businesses.

Hicomply

Hicomply

Hicomply simplifies compliance management with smart, user-friendly tools, helping you scale your processes and stay in control - no matter how complex.