Is the Dark Web safe? How Ross Ulbricht's life sentence could harm online law enforcement

Ross Ulbricht has been issued a life sentence for running illegal online drug marketplace Silk Road, selling more than $200m (131m) worth of drugs anonymously.

Ulbricht was found guilty of crimes including conspiracy to commit drug trafficking, money laundering and computer hacking.

District Judge Katherine Forrest who oversaw the trial said Ulbricht was "no better a person than any other drug dealer...There must be no doubt that lawlessness will not be tolerated."

Before the sentence was announced, Ulbricht pleaded that the judge be more lenient, allowing him to be released earlier in order to live his old age.

"I've essentially ruined my life and broken the hearts of every member of my family and my closest friends. I'm not a self-centred sociopathic person that was trying to express some inner badness. I do love freedom. It's been devastating to lose it," he said.

However, the judge was not sympathetic to his appeal and said he must be awarded the maximum sentence as a warning to anyone who takes part in copycat activity.

Silk Road was run using Onion Router (Tor), a Dark Web browser that hides activity under layers of encryption to make it virtually untraceable.

Ross Ulbricht was arrested and convicted back in February. His arrest, and the closure of Silk Road (and its successor, Silk Road 2.0) were hailed as turning points in the FBI's battle to tackle criminal activity on Tor.

However, a new report published this month by the Global Commission on Internet Governance suggests Ulbricht's downfall may make it harder for law enforcement agencies to bring their jurisdiction to the shadowy corners of the internet.

The report, called The Impact of the Dark Web on Internet Governance and Cyber Security, said increased scrutiny from investigators on the Tor network, coupled with more monitoring of the regular internet, is resulting in criminals becoming more careful to hide their tracks.

It read: "Recent revelations about wide-scale nation-state monitoring of the internet and recent arrests of cybercriminals behind sites hosted in the Dark Web are starting to lead to other changes.

"It would not be surprising to see the criminal underbelly becoming more fragmented into alternative dark nets or private networks, further complicating the job of investigators."

It predicted that "new large marketplaces" for criminal activities will soon appear on the Dark Web, and security researchers must strive to find new ways to spot them.

One of the difficulties is the transient nature of such illegal sites, with operators making them available for only short periods of time before closing them down, the report said.

However, the commission outlined a number of recommendations to help investigators battle online criminals.

One is to monitor illegal transactions made on the Dark Web over a long period of time, to gather information on sellers, goods and users in order to build up individual profiles of suspects.

Another is to map the directories of hidden networks such as Tor, which uses a domain database built on a distributed system known as a distributed hash table (DHT).

The commission suggests deploying nodes in the DHT system to monitor requests coming from certain domains.

One more recommendation is to monitor sites like Pastebin, where users can temporarily store and exchange text online reportedly a popular way for criminals to exchange addresses and contact information.

The report concluded: "Security researchers have to remain vigilant and find new ways to spot upcoming malicious services to deal with new phenomena as quickly as possible."

While the Dark Web is a hotspot for criminal activities that can be conducted without being traced by law enforcement agencies, it also serves to help journalists communicate with secret sources by reducing the risk of their communication being spied on, and can help ensure anonymity on the internet.

The commission was keen to point out its advantages for the likes of whistle-blowers and even ordinary citizens, saying: "For these individuals and the organizations that support them, secure anonymity is critical. It may literally save lives.

"While the undesired effects of Tor must be recognized, the complexities and varied situations should make us suspicious of sweeping imperatives."

Silk Road 2.0

The report was released three months after the second incarnation of Silk Road was shut down by US law enforcers following the arrest of its alleged owner, Blake Benthall, in November 2014.

Silk Road 2.0 was operational since November 2013 and was reportedly used to sell a range of unlawful goods, including drugs, computer hacking tools and fraudulent identity documents, and to facilitate money laundering.

In a statement, the FBI revealed that in mid-October 2014 there were 13,000 listings on the site for controlled substances, including cannabis, ecstasy and various opiates.

According to prosecutors, Benthall set up Silk Road to replicate the original version of the website which was seized in a similar operation in October 2013.

He is alleged to have overseen the management of the computing infrastructure underpinning the site, as well as its code, the terms of service for using it and the rates of commission charged to vendors and customers that participated in transactions.

He has been charged with conspiring to commit drugs trafficking, computer hacking, the trafficking of fraudulent ID documents and one count of money laundering.

Preet Bharara, the Manhattan US Attorney overseeing the case, said Benthall's capture should send a clear message to those thinking of following his lead.

"Let's be clearthis Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will return as many times as necessary to shut down noxious online criminal bazaars. We don't get tired," warned Bharara.

Meanwhile, George Venizelos, the FBI assistant director in charge, said anyone who attempts to use the dark net to peddle illicit wares should know their actions are unlikely to stay hidden for long.

"Blake Benthall ran a website on the Tor network facilitating supposedly anonymous deals of drugs and illegal services generating millions of dollars in monthly sales. Benthall should have known that those who hide behind the keyboard will ultimately be found," he said.

"The FBI worked with law enforcement partners here and abroad on this case and will continue to investigate and bring to prosecution those who seek to run similar black markets online."

Court documents describe the site as "one of the most extensive, sophisticated and widely used criminal marketplaces on the internet today" and, as of September 2014, it had 150,000 active users. Collectively, these helped Silk Road generate sales of around $8 million per month.

Both versions of the site operate on the Tor network and allow users to conduct transactions using the Bitcoin virtual currency, both factors that let them take part in transactions anonymously.

Craig Young, a researcher at security vendor Tripwire, said the case is a good example of how law enforcers can use traditional investigative methods to bring those dabbling in 21st century crimes to justice.

"It appears that the FBI was able to infiltrate the inner-circle of the site's administrative staff thereby gaining access to communications and data allowing them to make a case against Blake Benthall, the alleged founder of the site.

"This is a great example of how 20th century law enforcement tactics and undercover operations are still viable in the 21st century despite drastic changes to the criminal landscape," Young added.

This article was originally published on 07/11/2014, but was subsequently updated on 23/02/2015 to reflect the publication of the Global Comission on Internet Governance's report and on 01/06/15 to reveal Ulbricht's sentencing.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.