Big crime, big borders and the bitcoin

Big crime, big borders and the bitcoin

Crypto currency is blurring the trail for investigators tasked with identifying sites that market elicit goods

In these days of secure e-commerce, why go out when you can rest easy in the comfort of your home and have just about anything in the world delivered to you? 

That was no doubt the mindset of the millions of shoppers perusing goods on the now infamous website Silk Road—one of the many clandestine marketplaces of the “deep web” that matched buyers interested in things like opioids, cocaine, MDMA and “biotic materials” with drug distributors and suppliers. On October 2, 2013, Ross William Ulbricht, alleged by the FBI to be the owner of Silk Road and ultimately "Dread Pirate Roberts," was arrested in San Francisco on suspicion of drug trafficking, facilitating computer hacking, and money laundering.

But it went deeper than that. Ulbricht was also charged with soliciting murder when he was alleged to have communicated with an undercover agent to have his website administrator tortured and killed in order to recover funds stolen from users.

Homeland Security Investigations (HSI) website claims approximately $3.6 million in bitcoin were uncovered through the course of investigation, and estimates the business processed $1.2 billion worth of business and earned commissions totaling 600,000 bitcoins, or about $80 million using current bitcoin rates at the time of the seizure.

More criminals are taking their commerce online, to somewhere far beyond license plates, social security numbers, Federal-stamped dollars and coins, and state and local jurisdiction. ‘Online’ is a vast place that promises lots of anonymity, as well as eager collectors and co-conspirators. There is little in the way of a “paper” trail in these cases, and hardly anyone around to recall a face.

Scott Schober, President and CEO of Berkeley Varitronics Systems and cybercrime expert says “Cyber criminals…usually have money as a motive for their crimes, and a lot of times they have a lot of patience. They don’t need the money instantly in their hand, they may wait. If it’s identity theft it may take six months to a year before they use that information to steal money.”

For some it’s about opportunity. For others, it’s bigger than that. It’s about building something. We are talking about highly technological, highly organized borderless crime. Many cybercrime investigations span multiple countries. Because of this, upper-level law enforcement orgs must work closely with state and local agencies to put the pieces together.

“There’s always a catch-up that seems to be happening; and that’s true for the government agencies, be it the FBI and CIA and the different law enforcement agencies supporting them,” says Schober. “Because some of the criminals are so advanced…a lot of times they’re exploiting weaknesses that aren’t yet known.”

Eric Feldman is unit chief of cybercrimes with U.S. Immigration and Customs Enforcement (ICE), a division that employs more than 250 certified computer forensic analysts and a number of special agents. This center is the main investigatory agency for transnational crime, including human smuggling; human/weapons/narcotics trafficking; child exploitation, money laundering, etc. He says with the international nature of crimes online, they are generally not something a state or local department can work beginning to end. “That’s why partnership is so important.” He says education is the key to keep state and local engaged throughout the investigation to get those prosecutions. The cybercrime center is constantly producing and refining training to keep its workforce up-to-speed on changing technology. They work closely with the Department of Homeland Security and academic communities.

 “Cybercrime is a multibillion dollar elicit economy and we have to…diligently position ourselves to be able to combat that threat. I wish street crime went down with the increase of crime online but of course it doesn’t. It’s just another mechanism for criminals to hide behind,” says Feldman.

The Silk Road was a high profile case that shone a bright light on underground marketplaces and the anonymous nature of currency exchange. There are many other such “marketplaces of vice” alive and well, some 100 percent elicit, buried deep beneath the layers of the encrypted Tor network, the same network Edward Snowden used to send information about PRISM to the Washington Post and the Guardian in 2013. Tor software masks the true Internet protocol addresses of its users, thereby providing complete anonymity. Not long after Silk Road was detected, Silk Road 2.0 sprang up ready to continue doing business.

Silk Road at least banned child porn. But that’s not to say other users aren’t buying the material with untraceable crypto currency, and not all of these sites are buried. The UK’s Internet Watch Foundation (IWF) released a report in March, authored by IWF Technical Researcher Sarah Smith, which warned UK business websites against hackers looking for targets to host sexual abuse images and video. The report states “This commercial child sexual abuse material is unique in that it purports to accept payment only in bitcoins.”

The links in these cases are typically distributed via spam emails to internet users. The links lead to a hacked website (of a legitimate business) and further re-direct users to commercial child abuse images on a second hacked website. This means businesses and internet users need to be on the lookout and keep best security practices in mind. It means, too that federal agents and investigators have yet another layer of deception to work through.

“We need to keep pace with the trends that criminal organizations are utilizing to make themselves anonymous,” says Feldman. “Virtual currency, the Tor network, anything that somebody can do to hide their activity online becomes a problem for us that we need to solve.”