Lessons from the Silk Road

Screen Shot 2015-03-11 at 9.17.42 AMBy Juliya Ziskina

After a several weeks-long trial, a federal jury found Ross Ulbricht guilty of running and operating the online black market known as Silk Road on February 4, 2015. (We previously covered opening statements in the case here.) The jury deliberated for only three and a half hours before convicting him on all counts, including conspiring to sell narcotics, hacking software and counterfeit documents, and a “Continuing Criminal Enterprise” charge, commonly known as the “kingpin” charge usually reserved for organized crime bosses. He faces a maximum penalty of life in prison. Ulbricht was accused of being the “Dread Pirate Roberts,” the “ringleader” of Silk Road, which he started in 2010 in order to sell hallucinogenic mushrooms. It then grew into a digital marketplace for narcotics and other illegal items like fake passports. Silk Road was cloaked in the Tor anonymity network to hide it from view and used Bitcoin as its currency of choice due its difficulty to track. The site was eventually shut down in 2013 when the FBI seized its servers and arrested Ulbricht.

The FBI claims that it was able to uncover the Silk Road servers via a software flaw on the site’s login page that revealed an IP address. That IP address then led to a location in Iceland where the Silk Road server was hosted. However, some members of the security community surmise that the FBI hacked the login page to force the IP address instead, which is illegal and could set a problematic legal precedent.

How did investigators track down Ulbricht, the so-called kingpin and mastermind behind Silk Road? They simply uncovered his Gmail address. They were able to track one of the first mentions of “Silk Road” on the Internet to a user named “Altoid.” From there, they discovered that the same user had posted to a forum asking Bitcoin experts to email him at “rossulbricht at gmail dot com.” That address was tied to personal accounts on Google Plus, LinkedIn, and YouTube, all of which contained information tying Ulbricht to the Dread Pirate Roberts. After this, it was simply a matter of obtaining his records from Google and tracking him down. Eventually, authorities arrested Ulbricht in a San Francisco neighborhood library.

The other factor used to tie Ulbricht to Silk Road was, ironically, the use of Bitcoin. Known for its difficulty to track due to its digital and seemingly anonymous nature, the cryptocurrency is commonly used in illicit online transactions. However, in this case, the FBI were able to follow more than 700,000 bitcoins from the Silk Road marketplace directly to Ulbricht’s personal account. According to the FBI, they seized his laptop before he was able to encrypt it, thus giving them access to his Bitcoin address. Once they compared it to the blockchain—a master database of all Bitcoin transactions—they discovered that Ulbricht’s digital millions originated from the Silk Road servers.

The Silk Road trial will be remembered because it is a fascinating tale of dark web intrigue. But it will also be remembered because it touched on a number of significant issues, including Bitcoin’s legal status, the FBI’s right to warrantlessly hack into foreign servers used by Americans, and the power and limits of anonymity on the Internet. For the inerasable online drug trade, the trial’s darker lessons will be how not to get caught. As it stands, the case demonstrates that even in the new era of cybercrime, traditional policing—and a solid awareness of human fallibility—is perhaps more effective than technical prowess.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s