The Knowledge Exchange / Risk Management / Follow the cyber Silk Road

Follow the cyber Silk Road

Boots on the street and analytics shut down underground cyber shopping centers

Last week, the Feds announced the arrest of a San Francisco man who allegedly ran Silk Road, an underground “digital bazaar” that peddled a wide range of narcotics and other forms of contraband.

The Silk Road site also advertised “services,” which included offers to hack into popular social media websites such as Facebook and Twitter allowing the purchaser to view and manipulate personal information.  In addition, the website offered tutorials on hacking ATM machines, obtaining anonymous bank accounts, trafficking in counterfeit currency, acquiring stolen credit card information and other fraudulent activities.  Hacking tools and password crackers were popular sales items. 

The web site provided a new medium for transnational criminals to escape the back alleys, and market their wares in the underworld of cyber.  Buyers and sellers could only gain access to the Silk Road through an anonymizing service.  All transactions were conducted in virtual currency.

“The site has sought to make conducting illegal transactions on the Internet as easy and frictionless as shopping online at mainstream e-commerce websites,” according to FBI agent Christopher Tarbell, who is quoted in the complaint. As a former Treasury Special Agent, I salute the professionals in the FBI, DEA, Secret Service, IRS, HSI, and others for the successful law enforcement operation. 

Although details of the cyber-criminal enterprise are lacking, I offer a few early observations:

  • Despite the protestations of the cyber site’s ringleader, nicknamed Dread Pirate Roberts, his buccaneering operation was not about personal liberties and promoting the “victimless” use of narcotics.  Rather, like all organized criminal enterprises, his motivation was greed.  The Feds calculated that in a year-and-a-half, the site generated about $1.2 billion in sales and $80 million in commissions.
  • Venue and jurisdiction are sometimes challenges for law enforcement, particularly in cyber.   While there were many foreign ties, including the overseas hosting company, foreign servers and many of the vendors themselves, we were fortunate because in this case the alleged mastermind was an American and the arrests took place on U.S. soil.  Unfortunately, many cyber criminals operate in countries that are immune from the reach of U.S. law enforcement.
  • Although authorities undoubtedly employed sophisticated 21st century cyber sleuthing, old-fashioned law enforcement techniques such as using undercover agents to penetrate the site and physical surveillance of the subject were also used. 
  • Once again, “following the money” – in this case virtual currency – proved to be a valuable investigative technique. 
  • Similar to a May, 2013 successful investigation into a digital currency website operating a $6 billion money-laundering network, described by one investigator as a “PayPal for criminals,” the Silk Road investigation is an “impact case” that will have far reaching consequences.
  • Fraud in cyber is widespread and impacts both government and industry.

The ongoing “Breakfast with SAS” series explores various forms of financial crimes, and the Nov. 19 event will have representatives from government and industry discussing the cyber threat and possible analytic solutions.  You can bet Silk Road will be a hot topic.

Tags:
  • Facebook
  • del.icio.us
  • Twitter
  • Digg
  • LinkedIn
  • email

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>