The ‘darknet’ is being used by criminals and political dissidents to avoid surveillance. Anita Greenhill suggests ways that governments can tackle it.
While most people use the internet’s legitimate channels to shop, search for items, or communicate with friends and family, there are some who hide in the internet’s cracks and shadows. These less known and visited places are recognised as the “darknet”.
In recent days there has been publicity about the use of the darknet by child pornographers and drugs traffickers. There are long standing concerns about the use of the darknet by Al Qaeda and its affiliates.
Darknets are online private networks that are not open to all, where friends and trusted peers go to connect and to share and exchange ideas, files and information. These networks operate in the hidden parts of the internet. They use non-standard protocols and ports in order to share anonymously and for this reason they are often associated with the activities of criminals, political dissidents and secret societies. The predominant reason these users operate in the darknet is to communicate with little fear of governmental or corporate interference and to exchange ideas that would otherwise be deemed unacceptable by society or the state.
The darknet, cybercrime and cyberterrorism are major challenges that influence the future of the internet. Developing appropriate legislations and policies will directly impact on whether the internet is used positively and for the general good in the future. From a policy perspective, the priority is to tackle the darknet and strengthen cyber security, understanding more clearly where security gaps exist and how these are being exploited.
Cybercrime flourishes because the internet is only as strong as its weakest link. Software development is dominated by large companies – for example, Microsoft – but such companies have avoided liability for security flaws and cybercrime. Similarly infrastructure providers and Internet Service Providers (ISPs) have to date largely denied responsibility for constructing systems and networks that have been exploited by darknet users.
As a result cybercrime and other shadowy transactions have become an organised industry with specialised functions and ‘impressive productivity gains’. It is very difficult to obtain accurate figures on cybercrime. Some organisations, such as software security companies, over report it. Others, such as banks, under report it.
There are potential approaches that could be adopted to improve the situation for tackling cybercrime. Governments can adopt and implement policies that require full disclosure and transparency regarding breaches of security that relate to data transactions and exchanges. France and the UK already require banks to produce national aggregated figures that cannot be traced to individual banks.
In addition, laws can be passed – as in a number of US states – which require companies to report security breaches. This led to the disclosure by T K Maxx that hackers had stolen the credit card details of 45 million customers. When security breaches are reported individuals can take action and companies will try to plug security weaknesses.
In a paper Tyler Moore and others suggest that ISPs are key controllers in these forms of illicit exchange as they can monitor internet traffic and disconnect computers from the internet. Evidence shows that certain ISPs have controlled large amounts of spam generation. For example, in November 2008, a journalist from the Washington Post persuaded upstream bandwidth providers to shut off their connection to San Francisco-based McColo. The shut off led to a temporary fall of almost 70% in the volume of spam worldwide. The experiment revealed that many spammers had been using McColo to host their control computers.
Using policy that targets individuals and the illicit exchange of information alone will not provide an adequate solution. Requesting the closure of certain bandwidth providers does not correct the underlying problem, as many of the sites will disappear to avoid detection and quietly transfer to other providers. A more successful long-term strategy is therefore to make more transparent transactions and data flow trails across the internet.
It is the fragmented nature of the internet that has a direct impact on policy development. Darknet activity is not a regional issue, but rather a global issue. Legislation will need to be co-ordinated to align national and regional policies with international policy.
There are two priorities. The first is to ensure that existing cyber crime policies operate in a joined-up manner across national boundaries to tackle criminal activity. Secondly, it is essential to correct the current disconnection between legislation at the national, regional and international levels. The United Nations Office for Drugs and Crime (UNODC) has therefore recommended a number of approaches that can be taken by policy makers to move away from the reliance on traditional law, towards forming overarching formal international co-operation on criminal matters.
Co-operative policy controls that UNDOC has suggested that can be developed include:
- Companies and organisations being required by law to disclose security breaches.
- Banks being instructed to co-ordinate their security responses and ensure their security contractors share information.
- National governments should co-ordinate their police focus on specific areas of cybercrime, such as botnets, dissident exchange, etc.
- Cybercrime should be treated as an illegal industry and its activities such as money laundering targeted. There are broader society concerns about the activities of cybercriminals that go beyond losses incurred by financial institutions.
It is important that transparency and openness relating to data transactions is encouraged at industry and governmental level. In addition, governments need to carefully consider and co-ordinate policy development to enable them to co-operate in overcoming the emerging challenges of the internet in the 21st century – the darknet and cybercrime.