In the late 1990s, two research organizations in the US Department of Defense drove efforts to develop an anonymized and encrypted network that would protect the sensitive communications of US spies. This secret network would not be known or accessible to ordinary internet surfers. And while the original clandestine intention was never fully realized, some of the researchers saw a different value proposition at hand—launching a nonprofit focused on anonymity for human rights and privacy activists.
Enter the Tor network, short for “The Onion Router,” given the many layers of encryption that guard passing information. Tor lives on the fringe of the internet and serves as the underlying technology of the dark web—a collection of hidden sites inaccessible via a regular browser and not indexed by search engines such as Google. The Tor browser—a free download—is all you need to unlock this hidden corner of the web where privacy is paramount. Radical anonymity, however, casts a long shadow.
The truth about the dark web is that in addition to offering extreme privacy and protection from the surveillance of authoritarian governments, it facilitates a growing underground marketplace that sophisticated criminals use to traffic drugs, stolen identities, child pornography, and other illicit products and services. And with untraceable cryptocurrency as the primary means of payment, close cooperation between law enforcement, financial institutions, and regulators around the world is required to tighten the screws on nefarious activity.
The gray areas
Today, over 65,000 unique URLs ending with .onion exist on the Tor network. A 2018 study by computer security firm Hyperion Gray catalogued about 10 percent of these sites and found that the most prevalent functions facilitate communication via forums, chat rooms, and file and image hosts, as well as commerce via marketplaces. These functional roles, particularly related to communication, support many uses that are considered legal and legitimate in free societies. Furthermore, a 2016 study by research firm Terbium Labs analyzing 400 randomly selected .onion sites suggests that over half of all domains on the dark web are in fact legal.
For individuals living under oppressive regimes that block large parts of the internet or punish political dissent, the dark web is a lifeline that provides access to information and protection from persecution. In freer societies, it can be a critical whistle-blowing and communication tool that shields people from retribution or judgment in the workplace or community. Alternatively, it can simply deliver privacy and anonymity for those wary of how corporations and governments are tracking, using, and potentially monetizing their data. Today, many organizations maintain a hidden website on Tor, including nearly every major newspaper, Facebook, and even the US Central Intelligence Agency (CIA). This is because a Tor website demonstrates a (sometimes symbolic) commitment to privacy. The New York Times and the CIA, for example, are both hoping to facilitate communication with virtual walk-ins who can provide sensitive information.
On the flip side, the same privacy and anonymity that deliver protection from tyrants and targeted advertisements also make the dark web a springboard for crime. Some of the more prevalent illicit activities include arms trafficking, drug dealing, and the sharing of exploitative content—often involving children—such as pornography and images of violence and other types of abuse. Websites support the rhetoric of neo-Nazis, white supremacists, and other extremist groups.
The pairing of dark web services with cryptocurrencies has led to expectations of a boom in crime. A decade ago, an unknown cryptography expert (with particular expertise in cracking passwords) who used the alias Satoshi Nakamoto developed the world’s first currency and payment network not controlled by a national government: Bitcoin. Originally a niche medium of exchange for the technology community, Bitcoin emerged in 2011 as the currency of choice for drug dealers conducting transactions on a dark-web site known as the Silk Road. Over the past five years, the combination of an encrypted network hidden from most of the world and a transactional currency that is nearly untrackable by law enforcement officials resulted in a small, but significant, marketplace of illicit vendors selling illegal wares.
Of the close to 200 domains catalogued as illegal by Terbium Labs, more than 75 percent appear to be marketplaces. Many of these are fueled by Bitcoin and other cryptocurrencies, such as Monero. Recreational and pharmaceutical drugs are the most popular products, followed by stolen and counterfeit documents such as identities, credit cards, and bank credentials. Some sites offer hacking and technological crime services, including malware, distributed denial of service attacks, and hacking for hire. A good number offer a mix of these and other products, including pornography and counterfeit goods.
Although the serious nature and rapid growth of illicit transactions on the dark web should concern governments and global financial institutions, the overall portion of worldwide commerce transacted on the dark web is minuscule compared with global illicit commerce. A recent report by a leading crypto-payment analytic firm, Chainalysis, shows that Bitcoin transactions on the dark web grew from approximately $250 million in 2012 to $872 million in 2018. The firm projected that Bitcoin transactions on the dark web will reach more than $1 billion in 2019. If correct, it would represent a record-setting level of illegal transactions in this arena. The report also noted that the proportion of Bitcoin transactions tied to illicit deals has declined by 6 percent since 2012 and now accounts for less than 1 percent of all Bitcoin activity. Even more broadly, the United Nations estimates that the amount of money laundered globally in one year is 2 to 5 percent of global GDP—between $1.6 trillion and $4 trillion.
Even though the total economic volume of illicit dark web activity remains relatively small, many of the most corrosive threats to society today operate in the shadows of the Tor network and thus merit the attention of international regulators, financial institutions, and law enforcement agencies.