Nmedia - Fotolia
Experts said users of dark web markets should no longer expect their activity to be anonymous after global law enforcement coordinated to arrest and question those suspected in the sale of illegal goods.
The dark web crackdown was part of Operation Hyperion, which was led by various U.S federal law enforcement agencies in collaboration with Australia, Canada, New Zealand, the U.K. and members of Europol. According to a statement from the U.S. Immigrations and Customs Enforcement agency, the effort took place between Oct. 22 and 28, and it targeted vendors and buyers of illegal drugs, goods and services on popular dark web markets.
"Operation Hyperion resulted in a number of law enforcement leads on cases related to the buying and selling of illicit drugs and other goods on the darknet," the release read. "This operation will also help law enforcement agencies continue to combat the trafficking of illicit goods and services on the darknet through the identification of new smuggling networks and trends."
The FBI called Operation Hyperion "the brainchild of the Five Eyes Law Enforcement Group, an international coalition of law enforcement agencies from Australia, Canada, New Zealand, the United Kingdom and the United States." The FBI said it "made contact with more than 150 individuals" in the U.S. suspected of buying illegal items in dark web markets, some of which confessed to the illicit activity.
New Zealand authorities said they had "identified and spoken to more than 160 people nationwide for buying illegal drugs via darknet and other illegal sites, with more police visits to come."
"The clear message for people who think they can use the internet to buy illegal drugs and get away with it is that they can't. These sites are not top-secret," said Kelly Knight, manager of the New Zealand National High Tech Crime Group, in a press release. "Police can view them, and together with customs, we can track packages down to addresses and individuals."
The Royal Canadian Mounted Police said it had performed "numerous seizures" and detained at least one person connected to "an international distributor of narcotics based in Quebec." And Swedish police claim to have identified around 3,000 people suspected of buying illegal goods on dark web markets.
The FBI said it used "all available investigative techniques to target buyers, sellers, marketplace administrators and the technical infrastructure of the marketplaces themselves," but it is unclear how the law enforcement agencies were able to deanonymize dark web users and track packages being mailed.
The FBI did not respond to requests for comment as of this post.
Experts said Operation Hyperion was further proof that Tor users and dark web visitors cannot expect anonymity.
"At this point, Tor may be considered effectively compromised and subject to at-will exploitation," Volovich told SearchSecurity. "User identity may be discovered by a ready array of means. Thus, deep web users should not expect anonymity anymore."
Deepak Patel, director of security strategy at Imperva, based in Redwood Shores, Calif., agreed and expected Operation Hyperion to have a positive effect on dark web markets.
"The exponential increase in criminal activity originating from Tor networks is driving law enforcement to apply these advanced techniques," Patel told SearchSecurity. "As with any technology, there are good outcomes and bad outcomes; in this case, the number of cybercriminals using Tor for nefarious activities outweighs the legitimate users. Loss of anonymity in the short term will most likely help curb cybercrime without much impact to legitimate users."
Volovich said "lower-level actors may take heed," but there are too many professional criminals who will find a way around efforts like Operation Hyperion and too few law enforcers for there to be a lasting effect.
"Despite the evolution in tradecraft, law enforcement is still severely under-resourced. The traditional law enforcement model of enforcement and deterrence simply isn't scalable, given the enormous volume of threats and threat actors operating in cyberspace," Volovich wrote via email. "Disrupting the malicious tradecraft across entire threat categories and disrupting criminal monetization models is the only way to 'take a byte' (pun intended) out of cybercrime."
Learn more about if Tor usage poses a risk for enterprises.