A new study into deep web marketplaces for illegal drugs reveals some of the ways that law enforcement use to catch online drug dealers.
The study, which was published by RAND Europe, was created with the help of law enforcement workers from around the world. It sheds light on some of the methods they use to catch people who buy or sell drugs online.
Here are some of them:
Sometimes nothing beats good, old-fashioned police work. Once the police suspect someone of dealing drugs, monitoring their movements in the real world can show what they do online. “Physical observation and undercover operations, exploit the weak links in the chain where the digital and offline worlds meet,” the study says. One law enforcement worker even refers to physical observation as “the ‘Achilles’ heel’ of vendors.”
When police arrested the original Silk Road founder, Ross Ulbricht, in 2013, they were able to tie his real identity to his online career from watching where he went in the real world. He left his apartment and walked to nearby coffee shops or libraries to use public Wi-Fi networks, and that coincided with the administrator of The Silk Road coming online.
Getting data from other websites
Drug dealers don’t just use the deep web to sell their product securely — they also surface on the public internet to talk about their trade. That makes them much more vulnerable. Deep web sites are unlikely to turn over user data to police, but mainstream sites are usually legally required to.
One high-profile example of law enforcement using public internet posts to get information on drug dealers happened in 2015 when the Baltimore Department of Homeland Security (DHS) Immigration and Customs Enforcement sent a legal request to Reddit for information on five users who posted on the r/darknetmarkets forum. The five users all discussed illegal drug sales, and police wanted their IP addresses (which can reveal their physical location) and other information from Reddit.
Even the biggest names on the deep web get sloppy. Another reason for the downfall of Ulbricht was the discovery of his old forum posts referencing The Silk Road, which were registered using the email address [email protected]
The study shows that law enforcement agencies work with parcel companies and post offices to examine suspicious packages. The real-world transfer of drugs is a vulnerable part of the transaction, as it involves trusting the postal service not to uncover the illegal substances being sent through the mail.
One law enforcement worker interviewed as part of RAND’s study says police can obtain tracking numbers from parcel companies and follow parcels, eventually leading them to the recipient. That’s when they can set up what’s referred to as a “controlled delivery” (CD), where police monitor the delivery, wait until it’s in the hands of the buyer, and then arrest them.
That works for catching the buyer, but what about the seller? They’re a much bigger target, after all. The study says that some sellers have been known to include return addresses on their packages, so once police have the drugs, they just have to look up the return address.
It’s not easy to know which packages to intercept, though. “Vendors use highly sophisticated concealment techniques in shipping drugs,” RAND says.
One common technique for disguising packages of pills is vacuum-sealing them to stop odour escaping, and then placing them inside a DVD case to fool X-ray machines.
Big data and machine learning
If police want to discover the identities of deep web drug dealers, then they’re going to need a lot of data. It’s been suggested that they could gather together IP addresses and online posts to examine them using machine learning, a type of artificial intelligence that gradually teaches itself what to do. That would be an expensive way to monitor drug marketplaces, and the RAND study notes that it’s unaware of anyone who is actually doing this yet.
Follow the money
Deep web drugs aren’t free — people have to buy them with the cryptocurrency bitcoin.
It’s difficult to track who actually owns bitcoin as they move through the internet. The weak point, though, is when cash is turned into bitcoins, and when they’re converted back into cash.
Police can demand customer details from bitcoin exchanges, the sites used to buy the cryptocurrency.
Law enforcement workers interviewed as part of focus groups for the RAND study also said that police collaborate with banks to spot money that may be used to buy drugs.
We’ve already dealt with undercover police work in the real world, but it happens online too. RAND says police carry out “undercover or covert operations” to find out more about deep web drug marketplaces. Police often pose as buyers, sellers, or people who help run the site in order to disrupt operations and reveal the identities of key users.
A good example of undercover policing is how Ross Ulbricht was kept talking shortly before he was arrested. An undercover officer had managed to infiltrate the small circle of administrators on The Silk Road, and he talked to Ulbricht as police prepared to arrest him.
There’s a specific phrase for trying to corrupt an online drugs marketplace: “Lemonising.” The name comes from a 1970 economic paper named “The Market for Lemons: Quality Uncertainty and the Market Mechanism” which outlined a procedure in which a market can degrade to the point where inferior “lemon” products become popular.