Dark Web 2.0?
The dark web, a part of the Internet that promises relative anonymity by requiring specific software for access, is shrinking after years of defunct sites, exit scams, and indictments. A new generation of criminals, dissidents, and privacy enthusiasts, however, will likely revive it using stronger anonymizing protocols while also conducting more criminal activity on the clear web.
The dark web aims to hide its users’ web browsing, e-mail, and even instant messaging from law enforcement and oppressive regimes by using “The Onion Router,” or Tor software. A free web browser partially developed by the US government, Tor provides its users with free access to a worldwide network of thousands of relays maintained by volunteers. By encrypting user traffic and by bouncing it around the relay network at random, Tor obfuscates a user’s activity. This shielding enables users in countries with controlled media to anonymously access restricted information, such as the New York Times’ dark web site. This same anonymizing ability, however, also allows criminals to buy and sell narcotics, firearms, malware, stolen identities, and illegal pornography with a decent chance of not getting caught.
Unfortunately for criminals and dissidents alike, Tor was never invincible. Specifically, Tor’s relay network is vulnerable to an adversary that can corelate the traffic that enters and exits the relay network to deanonymize users. The past decade has seen governments use this technique and others to deanonymize dark web users and arrest them.
The dark web is also shrinking. Cyber threat intelligence company Recorded Future’s May 7 report, Who’s Afraid of the Dark? Hype Versus Reality on the Dark Web, found a dark web that is much smaller than imagined, a fraction of the clear web—the everyday web that most Internet users are familiar with—and dominated by inactive websites.
But why is it shrinking? The Recorded Future report arrived in the midst of a tumultuous week for the dark web. On April 30, Dream Market, the dark web’s largest illicit marketplace, shut down after a month of speculation that it had been seized by police or fallen victim to an exit scam—a ploy in which the site administrators disappear after stealing the funds held in escrow. On May 3, the US Department of Justice (DOJ) charged three German nationals for running Wall Street Market, another of the dark web’s largest illicit marketplaces and one that had recently fallen prey to an exit scam. On May 8, the DOJ indicted two Israeli nationals for running a popular dark web address service—think yellow pages for the dark web—that provided visitors direct links to illegal marketplaces.
This bad week reveals a dark web in which indictments, site closures, and exit scams have become the dominant business models. All of this begs the question: where does the dark web go from here?
Collapse of the Dark Web?
The dark web’s criminal infrastructure is crumbling from within while being attacked from without. As sites are being seized by police or shuttering in exit scams, hackers topple others while some simply disappear. All of which is bad for user trust.
Will the dark web collapse? This is unlikely. Cybercrime, much of it enabled by the dark web, is a $1.5 trillion industry, with new offerings such as crime-as-a-service joining the more traditional offerings of drugs and guns. The dark web has too many invested players—even organized crime groups—making too much money for it to disappear.
Move to the Clear Web?
Some things will change, however. Criminals will need to evolve to reach customers. If buyers don’t trust dark web marketplaces because so many have either been seized by police, run by thieves, or disappeared, sellers will need a new way to reach buyers. And what better place to reach buyers than Facebook?
Indeed, this is already happening. Operating on Facebook, while risky, offers criminals access to a huge pool of potential buyers, the ease of use of Facebook, and Facebook’s algorithms serve to connect buyers and sellers automatically.
Dark Web 2.0?
The dark web itself will also change, with Tor likely receiving upgrades that impede totalitarian regimes and police alike. In addition to better encryption, improvements will prevent those who don't already know about a hidden site from finding it, though it’s unclear how such upgrades will effect usability. While preventing users who don’t already know about a site from finding it will keep cops away, it will keep customers away, too.
Any reduced usability will likely mean fewer casual users surfing the dark web leaving the shadowy corners of the Internet to the cartels, state actors, and sophisticated criminals who will remain on core sites buried where police can’t find them. This will likely mean fewer new customers, which will prompt changes in business models such as illicit marketplaces shifting from retail to wholesale models.
We will likely see a smaller dark web orbiting around a sophisticated criminal core using newer, but less user-friendly, anonymization protocols, while other criminals will need to operate in plain sight on the clear web to reach less-savvy customers.
Combatting criminals operating on the clear web will only be a question of time and resources. Law enforcement will struggle, however, with the sophisticated actors operating on sites using the upgrades described above. Publicity, such as the article that popularized the Silk Road dark web marketplace, was both the boon and bane of successive illicit dark web marketplaces. Tightly controlled invite-only business-to-business marketplaces will rarely be in the limelight, thus keeping potential customers—but also the cops—in the dark. Law enforcement’s only options will likely be old-fashioned informants and undercover work.
It should be noted that this future may already be here. Does the dark web appear smaller to researchers like those at Recorded Future because some of the Tor upgrades under development in 2017 have already been implemented by shadowy groups? While unlikely, it is possible.
Jared Zimmerman is an intern with the Atlantic Council’s Cyber Statecraft Initiative.