Follow the cyber Silk Road

Boots on the street and analytics shut down underground cyber shopping centers

By John A. Cassara, Industry Adviser to SAS Federal LLC

In the fall of 2013, the Feds announced the arrest of a San Francisco man who allegedly ran Silk Road, an underground “digital bazaar” that peddled a wide range of narcotics and other forms of contraband.

The Silk Road site also advertised “services,” which included offers to hack into popular social media websites such as Facebook and Twitter allowing the purchaser to view and manipulate personal information. In addition, the website offered tutorials on hacking ATM machines, obtaining anonymous bank accounts, trafficking in counterfeit currency, acquiring stolen credit card information and other fraudulent activities. Hacking tools and password crackers were popular sales items.

The web site provided a new medium for transnational criminals to escape the back alleys, and market their wares in the underworld of cyber. Buyers and sellers could only gain access to the Silk Road through an anonymizing service. All transactions were conducted in virtual currency.

The Feds calculated that in a year-and-a-half, the site generated about $1.2 billion in sales and $80 million in commissions.

“The site has sought to make conducting illegal transactions on the Internet as easy and frictionless as shopping online at mainstream e-commerce websites,” according to FBI agent Christopher Tarbell, who is quoted in the complaint. As a former Treasury Special Agent, I salute the professionals in the FBI, DEA, Secret Service, IRS, HSI, and others for the successful law enforcement operation.

Although details of the cyber-criminal enterprise are lacking, I offer a few early observations:

  • Despite the protestations of the cyber site’s ringleader, nicknamed Dread Pirate Roberts, his buccaneering operation was not about personal liberties and promoting the “victimless” use of narcotics. Rather, like all organized criminal enterprises, his motivation was greed. The Feds calculated that in a year-and-a-half, the site generated about $1.2 billion in sales and $80 million in commissions.
  • Venue and jurisdiction are sometimes challenges for law enforcement, particularly in cyber. While there were many foreign ties, including the overseas hosting company, foreign servers and many of the vendors themselves, we were fortunate because in this case the alleged mastermind was an American and the arrests took place on US soil. Unfortunately, many cyber criminals operate in countries that are immune from the reach of US law enforcement.
  • Although authorities undoubtedly employed sophisticated 21st century cyber sleuthing, old-fashioned law enforcement techniques such as using undercover agents to penetrate the site and physical surveillance of the subject were also used.
  • Once again, “following the money” – in this case virtual currency – proved to be a valuable investigative technique.
  • Similar to a May, 2013 successful investigation into a digital currency website operating a $6 billion money-laundering network, described by one investigator as a “PayPal for criminals,” the Silk Road investigation is an “impact case” that will have far reaching consequences.

Learning about cybercrime after it's happened is useful for gathering intelligence, but it would be so much better to take a proactive approach. Many government agencies have implemented systems for real-time decision-making that expedite time to detection of emerging threats and provide a centralized governance and investigations framework. Read more tips and techniques for defending your network from cyber-attack.