Aussie coppers bedeviled by online contraband networks

Powered by SC Magazine
 

War on the Silk Road requires legal barriers dismantled and police technical skills to be mapped.

A confidential report has revealed Australian law enforcement agencies are struggling to deal with booming online illicit drug markets which promise users high levels of security and anonymity.

The report, "Hidden in Plain Sight" issued by the Queensland Crime and Misconduct Commission and obtained by SC, paints a bleak picture for narcotics enforcement. 

It shows that police are struggling to cope as traditional drug distribution networks give way to burgeoning online drug stores.

The May 2012 report focuses on the notorious Silk Road drug marketplace, a veritable eBay of illicit drugs that protects buyers and sellers with encryption via the Tor network.

The popularity of the website is quickly expanding. Accurate numbers are difficult to acquire, however the report notes that the number of registrations for the Silk Road forum rose by 7762 on February 12 to almost 20,000 by the beginning of May. The number of forum posts rose 97 per cent to 199,538 over the same time.

The number of legitimate users of the Silk Road marketplace could be much higher.

Each element of Silk Road transactions is wrapped in security. The site operates as a hidden service that hides its server IP address, while users connect through the Tor network which is constantly tested for security holes by thousands of users. Users buy drugs, weapons and other contraband through the untraceable BitCoin online currency.

Silk Road users further boost security by discussing techniques to hide drugs from customs and postal services, and by vetting the integrity of sellers and their products. 

This information sharing was so effective that the report notes existing "forensic examination of posted items and packaging yields no information", pointing to the sophistication of postage techniques.

The report said the impact of the open discussion on the security of the marketplace "cannot be underrated" and suggests law enforcement agencies should heed the lessons and use "power to the crowd" to combat the Silk Road.

This would involve an audit of police skills across Australia to map strengths and weaknesses within police cyber units and improve training. It would compliment the previously stated priority given by Australian police for "reducing cross-border barriers to law enforcement and prosecution".

The report flagged possible attacks against the Tor network, and cited previous research including Perez-Gonzalez and Crandall's timing and fingerprint analysis, and man-in-the-middle attacks against exit nodes. It said it was unknown if the latter attack was possible against Tor hidden services. 

Police could also benefit from research and development undertaken within unspecified national security agencies.

Other avenues to attack the Silk Road flagged in the report include social engineering, intersections between online transactions and the real world, and by targeting user error.

"For example, compulsive users ... may become frustrated by the relatively slow speed of Tor as compared to broadband internet, which may tempt them to stray off Tor," the report said.

Further frustrating police efforts was the absence of the Australian tax office, customs and state crime commission agencies from the Australia / New Zealand Policing Advisory Agency (ANZPAA). This hindered the joint initiative which sees police ministers and commissioners from both sides of the Tasman provide policy advice to improve cross-jurisdictional policing initiatives.

Copyright © SC Magazine, Australia


Aussie coppers bedeviled by online contraband networks
 
 
 
Top Stories
ATO releases long-awaited Bitcoin guidance
Everyday investors escape the tax man.
 
Why the Weather Bureau’s new supercomputer is a 'gamechanger'
IT transformation starts to reap results.
 
Sydney Trains chief thinks beyond Opal
Plots app to help you find a seat on the train.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  67%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  7%
 
Insider threats
  11%
TOTAL VOTES: 446

Vote