The world is an interconnected society, with information traveling at the speed of electrons.1 Over 40 percent of the world population is connected to the Internet—nearly 3.7 billion people—making it a vital thread in the fabric of society.2 Social networking, digital news, and e-commerce on the Internet are the norm. It might be surprising to consider that the first Internet browser was invented in 1990—less than 30 years ago.3 In 1995, less than 1 percent of the world’s population accessed the Internet.4 At that time, no one could have imagined how transformative the Internet would be to society. Considering that many current law enforcement executives were of working-age by the time the Internet was in widespread use, it is easy to see how criminal activity on the Internet and law enforcement’s capability to combat cybercrime are apparently out of sync.
The Internet allows one to be interconnected via information and perception, but simultaneously disconnected from direct human observation. This form of human interaction provides a degree of anonymity. With this anonymity, though, comes the risk of increased criminal behavior—creating a realm of crime that poses geographical and technological problems for law enforcement.5 Many of these crimes emerge from the “dark web,” so the first necessary step is that law enforcement understand what the dark web is and how it impacts law enforcement’s attempts to control online crimes. The dark web is a confusing place shrouded by anonymity, akin to an alleyway in a gang-ridden neighborhood—a common site of crime hidden from plain sight. Yet, unlike an alleyway that is actively patrolled by law enforcement, the police rarely drive down this “digital alleyway.”
The Digital Alleyway
There are around 4 billion websites indexed on Internet search engines and accessible to the average user.6 These websites are on a part of the Internet most people interact with daily, known as the surface web. The deep web, on the other hand, consists of areas of the Internet not easily accessible on a browser. This includes virtual private networks, corporate databases, and websites not directly linked to the surface web. It is estimated the deep web is considerably larger than the surface web—by 400 to 500 times. Only .2 percent of the Internet is estimated to be on the surface web; the other 99.8 percent of Internet data resides on the deep web.7
Within the deep web resides the dark web.8 The dark web consists of a highly encrypted network, with websites hidden from standard search engines. It is accessible via The Onion Router (TOR) web browser engine, developed in 2002, using a variety of hidden servers to access these sites. Moreover, it is unknown how many users access the dark web.9 Due to the anonymity and encryption it offers, the dark web is often associated with criminal activity on the Internet. The most famous site that brought widespread attention to the dark web was Silk Road, an illegal drug marketplace. The founder, Ross Ulbricht, was ultimately arrested and sentenced to life in prison in 2013; however, the publicity of the case actually caused the dark web to expand. For example, the Silk Road had approximately 12,000 illegal drugs listed in 2013, but, the now-closed Alphabay had more than 300,000 listings in 2017.10
Despite its rapid growth, the dark web remains a mysterious place to the majority of the population.11 It is often sensationalized on television with a focus on scare tactics.12 Unfortunately, this same limited level of understanding exists for a significant proportion of law enforcement professionals.13 Although many large agencies employ some components of cybercrime investigation and the topic has been discussed at law enforcement conferences, very few agencies actively monitor and take enforcement actions on the dark web. This can be attributed to a lack of resources and technical expertise, as well as an overall deficit of understanding.14 Criminals recognize and capitalize on law enforcement’s reluctance to enter the dark web, allowing the emergence of crimes that police are not prepared to monitor or combat.
Current Implications for Law Enforcement
Since the beginning of the Internet, the surface web has been used to commit criminal activity. Websites such as Craigslist and Backpage have been linked to crimes such as human trafficking, robbery, and murder.15 Even today, there is still a great deal of illegal activity committed on the surface web; however, once law enforcement becomes aware of it, an investigation leading to an arrest often occurs. One does not need to look any further for such an example than the seizure and ultimate closure of Backpage by the U.S. Department of Justice.16 This is because many users of the surface web lack the technical sophistication necessary to hide their identities on the Internet.
On the dark web, however, Internet Service Providers (ISP) do not have the ability to directly monitor web traffic, and the TOR engine is designed for the sole purpose of encryption and anonymity.17 It is nearly impossible to locate the dark website a criminal used to commit a crime.18 As a result, criminal activity on the dark web is often very difficult to identify and track, let alone gather enough information to obtain a conviction.19
Unlike visible criminal activity on the street, the anonymous nature of the dark web and inherent jurisdictional issues limit the ability of law enforcement to identify the cause or nexus to the dark web. Law enforcement deals with a wide variety of crimes ranging from violent assault to complex identity theft. Often, the focus is on the fruits of the crime or the end results. As an example, a stolen firearm discovered during a traffic stop is tracked as a crime, yet the fact the firearm was bought and sold through the dark web may never be discovered or captured in statistics. Identifying the causation and nexus of criminal activity, however, is vitally important, and could lead to an overall reduction of criminal behavior. This can be seen when targeting gang neighborhoods or areas with visible drug or human trafficking problems, which results in an overall reduction of criminal activity.20 Without active enforcement on the dark web, criminals are motivated and incentivized to continue committing their crimes on the dark web.
Statistics show an average growth of overall first-use Internet users of 12.75 percent per year, over the past 10 years.21 This statistic, along with increased encryption for the dark web and an overall acceptance of the dark web’s existence by the younger generation, signals a significant potential for increased growth of the dark web in the coming years.22 The creators of TOR, the gateway to the dark web, are seeking to dispel the “dark” elements of the dark web and increase the number of average daily users.23 This makes criminal investigations on the dark web even more difficult, as the dark web becomes filled with users on the dark web doing relatively innocent things, without realizing that sharks are swimming with them. Law enforcement agencies must adapt to this expansion and be prepared to actively patrol the dark web. In addition to increasing cybercrime-related budgets, additional training, staffing, and job classifications should be considered when it comes to dark web enforcement.
As public awareness grows, and the media continues to sensationalize the dark web, there will be increased public demand to combat criminal cyber activity.24 Law enforcement executives have the ability, though, to champion a new direction when it comes to the dark web. Every agency, from large to small, can do their part, even if they are not large enough to have a dedicated unit to investigate crimes on the Internet. There are three areas to address—training, staffing, and expertise—to help any agency protect their community from crime emanating from the dark web. The following recommendations set a good foundation to respond to the growing trend of dark web–related crimes.
The veil of obscurity must be lifted to bring law enforcement agencies into the 21st century. Line officers and detectives must learn to recognize and deal with crimes on the dark web.25 Internal and external training is pivotal in this regard. Although each agency is different in size and budget, every officer should understand the basic elements of the dark web. Line officers must know how to recognize criminals or crimes that may have a nexus to the dark web. Detectives must learn the basics so that they can call in experts when necessary and properly document any nexus to the dark web on reports. Managers and executives must become aware of the dark web to ensure their officers and detectives are properly identifying any connection crimes might have to it.
Although resources exist online, such as the IACP Cyber Center website and the National White Collar Criminal Center, little specific training on the dark web exists.26 Much of these resources are focused on overall cybercrime-related material such as malware and cyber bullying. Further, these resources are generally focused on the seasoned detective. Therefore police academies should include basic dark web training to ensure that new officers have general knowledge about the topic. Further, patrol officer training should be developed to both expose officers to the key elements and to highlight detection strategies for dark web–related crimes. As an example, all officers should know that a “.onion” web address or locating a cryptocurrency wallet might indicate a dark web nexus. The more advanced courses should be reserved for detectives and civilian cybersecurity specialists. Recruit and in-service training, though, should keep pace with the changing nature of crime so reports from the field reach specialists with the needed initial information.
Criminals operate on the dark web everywhere—the key is to identify those crimes and actors that overlap with local jurisdictions. The more agencies working on the dark web, the better the interagency collaboration and the more borderless each agency becomes, as shown by interagency success such as those by the INTERPOL Cybercrime Expert Group. The U.S. Department of Justice, Federal Bureau of Investigation, and many large agencies have specialists that understand the dark web; however, many agencies do not participate in cyber task forces.
Depending upon the size of an agency and geographic restrictions, a detective or detectives that understand the realities of the dark web should be developed and maintained. Further, dark web detectives should participate in external multiagency task forces, even if only in an adjunct role. If the jurisdiction does not have a task force available or developed, local chiefs and sheriffs should consider creating a task force within a specific region or state. Large agencies that currently have established dark web specialists should analyze existing staffing levels and make appropriate considerations to increase staffing and expand involvement in the dark web.
However, peace officers should not be expected to be technical experts in the field of cybercrimes and the dark web.27 Although officers should be aware of the elements of the crime and have general knowledge of the dark web, peace officers should maintain the key roles of law enforcement—identifying criminal activity, documenting crimes, seeking and executing search warrants, and making arrests. Experts in technical data security and dark web crimes should be the first line of expertise; sworn personnel should supplement their efforts and serve as the enforcement arm.
Due to the transient nature of detectives through rotations, transfers, or promotions, it is unrealistic to expect sworn officers to become information technology experts and long-term assets to dark web investigations. This concept is well known when it comes to the field of forensics and crime analysis—in many jurisdictions, crime scene specialists and crime analysts are civilian specialists with advanced degrees and training. These civilians have scientific and data analysis backgrounds and excel in what they do, and they tend to remain in their roles for longer periods of time. They are the behind-the-scenes experts that support and allow law enforcement to ultimately solve the crime and conduct an arrest.28
An example of a successful program can be found with the Federal Bureau of Investigation’s Computer Scientist job classification. This classification, requiring a bachelor’s degree in computer science and advanced mathematics, is a civilian position that assists federal agents investigating cybercrimes and investigations.29 Similar job classifications and missions exist at the National Security Agency, although their missions involve national security instead of criminal investigations. Computer scientists are significantly different than the more common information technology classification, which handles computer troubleshooting.
There are challenges with creating a computer scientist investigator classification. The Federal Bureau of Investigation reports an overall shortage of computer scientists on staff and difficulty hiring them. Although there is considerable interest, due to basic hiring standards, the number of qualified applicants is limited.30 Further, the National Security Agency reports losing an average of up to 25 percent of their existing computer scientists on staff, noting that outgoing employees enjoy the work and mission, but are driven away by the low salary.31 Other challenges exist when an agency is trying to fill positions that require significant technical expertise. Contractors have been retained for that purpose, but agencies should consider their qualifications and backgrounds carefully to avoid possible breaches of trust or other misconduct, such as the story of Edward Snowden, a contractor who leaked classified information to the public.
Fortunately, law enforcement executives are no strangers to hiring challenges. The sheer number of computer scientist applicants to the Federal Bureau of Investigation shows an interest in this job track. Agencies can examine their own hiring practices to determine requirements for the position. Further, although law enforcement cannot compete with private sector job salaries in this regard, law enforcement must highlight the mission—law enforcement can offer the deep satisfaction of being involved with combating cyber criminals and assisting with making arrests and convictions. Job satisfaction is one of the primary drivers for computer science employees.32
Unfortunately, computer scientists supplementing sworn law enforcement is not widely used outside of federal agencies. Law enforcement executives must realize the importance of having computer scientists on staff and utilize them when it comes to dark web criminal investigations. Cybersecurity is a highly specialized field with highly compensated and educated employees. A civilian law enforcement computer scientist investigator position would support sworn detectives, while ensuring knowledge transfer and retention.
To help prevent and investigate dark web–associated crimes, law enforcement executives must recognize this emerging problem and then seek proper budgeting, ensure their departments are adequately trained, and ensure their detectives are supplemented by computer scientists. By developing and implementing these recommendations, local agencies will be structured to combat the problems of the dark web impacting their communities. As local agencies begin to focus their response and local leaders see the need for funding and supporting this effort, the network of law enforcement monitoring of the dark web will grow. Agencies, working together, will be able to send a strong message that the dark web is not as anonymous as criminals might be led to believe.
The dark web is a highly complex and technical platform that allows criminals to collaborate and sell the fruits of their crimes. Law enforcement also has a responsibility to become actively engaged to prevent and investigate all crimes—even those involving the dark web. Through basic awareness, as well as proper funding, training, and hiring practices, law enforcement agencies will be poised to reduce dark web–enabled crime. It should be the goal of every executive to ensure the dark web is no longer a safe haven for crime, guarding yet another alleyway through which the public can safely travel. ♦
1 Thomas L. Friedman, The World Is Flat (New York, NY: Picador/Farrar, Straus and Giroux, 2007).
2 Internet Live Stats, “Internet Users.”
3 Tim Berners-Lee, “The WorldWide Web Browser.”
4 Internet Live Stats, “Internet Users.”
5 Michelle F. Wright, “The Relationship Between Young Adults’ Beliefs About Anonymity and Subsequent Cyber Aggression,” CyberPsychology, Behavior & Social Networking 16, no. 12 (December 2013): 858–862.
6 Cadie Thompson, “Beyond Google: Everything You Need to Know About the Hidden Internet,” Business Insider, December 16, 2015.
7 Thompson, “Beyond Google.”
8 Thompson, “Beyond Google.”
9 Corianna Jacoby, “The Onion Router and the Darkweb,” December 15, 2016.
10 Andy Greenberg, “The Silk Road Creator’s Life Sentence Actually Boosted Dark Web Drug Sales,” Wired, May 23, 2017.
11 “5 Predictions for the Future of the Deep Web,” Buiness Reporter, June 22, 2015.
12 Joseph Cox, “The Dark Web as You Know It Is a Myth,” Wired, June 18, 2015.
13 Christopher Budd, “Why Is the Deep Web Eludcing Law Enforcement?” TrendMicro Simply Security (blog), August 5, 2016.
14 Paul Waldman, “Expert: U.S. Police Training in Use of Deadly Force Woefully Inadequate,”The American Prospect, August 27, 2014.
15 Alexis Stevens, “Latest Crimes Show Dangers of Using Craigslist or Similar Websites,” Atlanta Journal-Consititution, May 25, 2017.
16 Gabriella Paiella, “The U.S. Government Seized Backpage.com and Shut It Down,” The Cut (blog), April 6, 2018.
17 Ahmed Ghappour, “Searching Places Unknown: Law Enforcement Jurisdiction on the Dark Web,” Stanford Law Review 69, no. 4 (April 2017), 1075–1136.
18 Jacoby, “The Onion Router and the Darkweb.”
19 Jonathan Mayer, “Cybercrime Litigation,” University of Pennsylvania Law Review 164, no. 6 (2016): 1453–1507.
20 George Kelling and James Wilson, “Broken Windows: The Police and Neighborhood Safety,” Atlantic (March 1982).
21 Internet Live Stats, “Internet Users.”
22 Tom Spring, “Tor Developer Busts Myths, Announces New Features,” ThreatPost, August 4, 2017 ; Sion Wyn Irfon Davies, An Investigion into Whether 18–30 Year Olds View the Dark Web as Relevant—A Perspective of Cyber Privacy (dissertation, Cardiff Metropolitan University, April 2017).
23 Spring, “Tor Developer Busts Myths.”
24 Budd, “Why Is the Deep Web Eluding Law Enforcement?”
25 Budd, “Why Is the Deep Web Eluding Law Enforcement?”
26 IACP, Law Enforcement Cyber Center.
27 Erin Murphy, “The Mismatch Between Twenty-First-Century Forensic Evidence and Our Antiquated Criminal Justice System,” Southern California Law Review 87 (2013–2014): 633–672.
28 Benjamin Mueller, “Police Add Civilians in Bid to Better Analyze Crime Data,” New York Times, August 15, 2017.
29 Federal Bureau of Investigation “FBI Jobs: STEM.”
30 Jack Moore, “Computer Scientists in Short Supply at FBI, Watchdog Warns,” Nextgov, November 16, 2015.
31 Jack Moore, “In Fierce Battle for Cyber Talent, Even NSA Struggles to Keep Elites on Staff,” Nextgov, April 14, 2015.
32 Kamlesh Mehtaand Ronald Uhlig, “Business Administration and Computer Science Degrees: Earnings, Job Security, And Job Satisfaction,” American Journal of Business Education 10, no. 1 (2017).
Please cite as
Shawn R. Kehoe, “The Digital Alleyway: Why the Dark Web Cannot Be Ignored,” Police Chief online June 12, 2018, http://www.policechiefmagazine.org/the-digital-alleyway.