The internet poses one of the foremost challenges for today’s law enforcement. From material published on servers halfway across the world and out of reach, to the formidable security and deception made possible by modern encryption, the internet renders useless many of the traditional strengths of law enforcement, such as physical force and the ability to physically search for and analyze evidence.
The FBI’s seizure and shutdown of the illicit online marketplace Silk Road is emblematic of the new tools that police have learned to use. Silk Road was designed to be securely encrypted and anonymous from end to end. So how was the FBI able to shut it down? If they had the ability to shut it down, why didn’t they shut it down earlier, given that its law-breaking was so blatant? After the Silk Road was shut down, why and how was it immediately resurrected by others? Shouldn’t the FBI’s efforts have had more of a deterring effect, at least against a site that appears almost identical to its predecessor?
Perhaps most fundamental to answering all of the questions is the exact method the FBI used to thwart Silk Road. As far as anyone knows, neither the FBI nor anyone else was ever able to crack the multi-layered encryption of Bitcoin or the Tor network. Documents obtained by the UK’s Guardian newspaper showed that the US National Security Agency described Tor as “very secure” and “the king of high secure, low latency anonymity.”
Instead, the FBI attacked Silk Road’s human element. Its success was the result of a return to its classical roots. Agents searched the internet for the earliest references to Silk Road. What they found was its owner, the Dread Pirate Roberts, building buzz for the site. They then followed him across the internet until he made a mistake, allegedly revealing a personal email address. With that, and information painstakingly assembled from various anonymous internet postings allegedly made by the same person, they were able to put together a mosaic of the person they were tracing and reveal sufficient information to make the arrest.
The Silk Road’s second version, Silk Road 2.0, experienced a similar stumble right out of the starting gate. It launched on November 6, 2013, promising increased security with the same setup and theme. However, on December 20, 2013, a pair of its staff were arrested, later to be indicted on drug trafficking and money laundering charges. One of those staff members alleged that Silk Road 2.0 was compromised at the highest levels by law enforcement.
If it does turn out to have been compromised, it wouldn’t be the first time that the FBI has infiltrated seemingly secure online entities and taken them down from the inside. In March of 2012, it was revealed that they had struck a deal with the computer hacker known as Sabu, a co-founder of the hacking group LulzSec responsible for several high-profile crimes including the robbery of ATM machines in the UK and an attack on the American Public Broadcasting System website. He had been working as an informant for the FBI since the middle of 2011.
The Silk Road indictment describes a painstaking process of assembling evidence gleaned from human error, and perhaps provides the answer to the question of why the Silk Road seizure and other high-profile arrests haven’t deterred others. The FBI’s falling back on classical law enforcement techniques seems to strengthen the reputation of the multi-headed hydra that is the darknet. In each case, there’s no evidence that a technological failure was responsible. Encryption was not compromised, and anonymity through Tor was intact. Instead, the FBI’s successes came through the exploitation of human error. Every time the FBI arrests someone because he used the wrong name on a web forum, and not because of a technological failure, another person can stand up and say: “I wouldn’t make that mistake. I’d be safe, because I’m more careful.”
The freedom of information in the digital realm has led to many benefits, but it also holds the potential for crime to spiral out of control. For all of law enforcement’s successes, the internet remains a wild frontier.