The police arrested a 28-year-old student in Seville a few days ago. He was allegedly an international leader of pedophiles . He had highly valued closed forums, according to police, where child pornography was exchanged . To access its pages, he asked the suitors for a litmus test: the “sending of images of real incest”.
All that happens on the dark web. It has a fascinating name, which evokes infinite tunnels full of murderers and traffickers. However, it would be better if it was called the darkroom of the Internet. There are now hidden about two million people who connect to about 100,000 pages, according to data from Tor Project, which is the main browser to enter the dark web.
In 2013, after the revelations of the then of the American Government Edward Snowden, users reached six million, but later that figure fell again. Browsing the dark web is slower and less reliable. In Spain, users who connect are around 25,000. Dark web traffic represents 0.01% of the total.
The dark web is no huge city. It is a small knife, enclosed under a layer of darkness. “It is not a panorama of infinity, but of darkness. If it were large and with light it might be harder to navigate it,” says Manuel Guerra, an analyst at the Central Cybercrime Unit of the National Police. Guerra has been “working from the dark web ” from the beginning .
In the Madrid police complex where he works, Guerra has a five-screen computer on his desk: “I need them,” he says. There is a lot of server to control. Guerra’s job is to help his colleagues cyber patrol the dark web , as if walking through the open web. Prepare “torified” equipment, that is, where all connections are made through Tor, not only navigation but also tools such as DropBox, Skype or cyberattack programs.
All the technical doubts of the agents about this dark web related to crimes, which do not include terrorism, go through Guerra, which gave one of the keynote presentations on the dark web in the recent C1b3rwall, the congress of Digital Security and Cyber intelligence that celebrates at the Police Academy in Ávila.
The dark web is a place to hide and communicate. The purpose of the Tor browser is to sanctify online privacy : that nobody knows where you are browsing from or what you visit. It is useful for criminals, but it is also used by citizens of countries where online communication is monitored.
The dark web is sometimes confused with the deep web , which is that part of the web in private open and that is not indexed by Google: emails, online banking , closed academic repositories, private photographs of Facebook. Neither the deep web nor the dark web appear on Google or any other search engine, but for different reasons.
Everything is never under control
The pedophile of Seville believed that he had things under control. He even gave “precise instructions about what security measures they should take to avoid being subject to a police investigation,” he says. It does not seem, however, that he was so capable.
The goal in the dark web is to hide. A forum or page is created and it is not allowed to see anyone who does not have the address. No search engine can trace it, loose fleet in cyberspace. It is like a street in a city that only those who know where it is. But there the dangers begin: a criminal does not create a forum and then not share it. Its objective is to sell or offer some type of merchandise. Others need, therefore, the address.
In the case of the Seville pederast and its Spanish network, it was the United States authorities who alerted the police. Someone had seen or been in that forum. Citizen collaboration is central to finding the first clue in these cases. In the United States they verified that the bad ones lived in Spain. And they sent a report. The Spanish police already knew this time where to look. Now we had to enter the forum.
“I’ve searched many tutorials to see how those forums are set up,” says Guerra. “Once I have it mounted as explained there, I will see what failures it has. They are tutorials made for the system to work, not for it to be safe,” he adds.
Along with that knowledge, there is the practice of having closed more than 100 servers where pages or criminal forums were hosted: “It’s like a cook when you see a dish: you don’t have to see the recipe to know that something has not been done well. Just with smelling it, with seeing the texture you already know that it is not well done.
But many times it is not so easy to enter without a password. In the case of Seville, in addition to username and password, the administrator required proof of initiation: real incest. “In such cases we use a covert technological agent, which is like the police who pretended to be drug buyers or got into a criminal organization. We do it the same but in a technological way. You create a simulated identity with judicial authorization. It is a identity that must then be matured. Suddenly, the supercriminal appears and wants to be your friend, “says Guerra.
Undercover agents are good disguised as bad. Among, for example, 42 members of a forum for child pornography or card number sales may include several police officers, with their paper perfectly drawn up during months of research work. Once inside the forum, the dark web complicates the identification of each member. Tracing identity to a reliable IP often requires research outside the network. Someone is suspected and their movements are studied in real life to see if they are connected at the same time as their online alias . It is a way to confirm or discard. They are long operations
The old ‘dark web’
“The technology remains the same, almost everything remains the same,” says Guerra. The dark web is no longer new. The first drugs sold online made many headlines: Silk Road was in 2011 the “Amazon of drugs” and other clandestine products. Then the security forces have dismantled other criminal supermarkets, such as AlphaBay, Hansa or Wall Street Market, but they have not been so noticeable.
This change of model has an explanation, says Sergio Pastrana, a professor at Carlos III University: “Silk Road was the beginning of a new business model for drug dealers and other black market products. It does not imply that the technology of Anonymity was bad, and it is normal that new ones have appeared since then.There was then a liberalization of the market.It used to be a monopoly: nobody could compete with its volume.But since Silk Road fell, there were many who dared to mount their dark market [black market], “he explains.
“When someone comes in and sees it, it says that it is not cool. You have high expectations and you think that you are going to enter and they are going to offer you to kill your neighbor, but no. War.
- Manchester United takes 219 days! without marking the ball stopped
- 1×1 of Real Madrid vs Granada: Valverde leaves, Hazard opens
- Zidane: “Areola already knows that he has made a small mistake”
- One-on-one Real Madrid vs Granada: Bernabéu thanks James ‘signing’
- Zidane: “Valverde is very good, he is a modern player”
But this does not imply that the police stop investigating: “I have never stopped looking at it. But you have to understand what that is in its right measure, what it is for, what results it can give and who can use it. Someone will say that it has entered Tor and has seen a drug trafficking page, of course, but that’s not all the dark web gives , now you also type drugs and take you to stores that mimic eBay or Wallapop, but they are drug dealers, with its stars. There are many pages, as many as online stores there are shoes, “explains the researcher.
According to Google search trends , interest in the dark web has been growing gradually throughout the world.
Guerra began his police career with robberies at pharmacies or banks. Now things have changed: “Since then the robberies have gone down remarkably. How long has it been that there is no news of a bank robbery?” He says. Instead, cybercrime does not stop. “Does this mean that a bank robbery has gone into cybercrime? No. It means they are different generations,” says Guerra.
The policeman remembers the moment he went from stopping veteran robbers to kids. He would be 23 years old. He had little in the police. “We went to stop an 18-year-old kid. He had hacked some Twitter accounts. I thought that could have been me. Not because he had done something wrong but because he was my age,” he says.
Guerra’s interest in crimes and traps does not end when his day ends. Their recommendations for managing privacy are valued by a good group of followers: “Do you have your password manager uploaded in the cloud? Do you trust the cloud?” He asks. And adds one of the greatest maxims of Internet security: “Nothing is infallible.” His work on the dark web is the test.