On the 3rd of October, Democratic Party of Korea’s homepage had gone down due to DDoS (Distributed Denial-of-Service) attack. Couple days before this attack, there was a writing related to this attack from a Japanese community within the dark web. Since the 30th of September, people from ‘Samurai’ community had been encouraging cyber attacks while protests by conservative groups had been taking place in South Korea at the same time. As a result, Democratic Party of Korea’s homepage had gone down on the 3rd. Samurai community self-congratulated itself for the success of the attack.
Information on more than 200,000 South Korean passports was discovered on the dark web. This information includes personal information, passport number, and passport expiration date of South Koreans who used airlines from Southeast Asian countries. In addition, some of these passports includes 125 passports belonging to public officials and 40 passports belonging to diplomats. Relevant agencies were put on emergency alert as the information could had led to more attacks such as voice-phishing.
Cyber crimes that have recently occurred through the dark web have ascended to a very dangerous level as they plot cyber attacks in addition to leaking personal information. South Korea is not a safe zone to these cyber crimes. Criminal that had been operating a drug dealing site on the dark web was recently imprisoned. More than 10,000 people use the dark web daily.
As the dark web, which was considered as an area that is not related to regular people in the past, has now close ties to daily lives through vitalization of cryptocurrencies, many people are asking for research related to the dark web and countermeasure against crimes that occur through the dark web.
◊What is the dark web?
The dark web is a space that is accessed through routes that are different from search engines that people normally access. Generally, internet occurs through the surface web. People can access search platforms through web browsers such as Explorer or Google Chrome and can be connected to websites. Websites are categorized differently depending on a country such as .kr for South Korea and .jp for Japan. Unlike the surface web, the dark web is not made public to regular people as it is accessed through different routes. ‘Deep Web’ is a special domain that has a different access method from a general access route and it has personal e-mail, P2P (Peer to Peer), and internal local network. Many legal information is also distributed through the deep web. It is used as a window for political expressions in countries where internet censorship is very strict.
The dark web is a portion of the deep web and it can be accessed through specific browsers such as Tor. One can also access the dark web through Hidden Wiki that is not a standard search platform.
Sites’ address within the dark web is ‘.onion’ and they use cryptocurrencies for online transactions.

Photo Image

◊The dark web used by anonymous criminals
Although the dark web was considered as a space that was only used by some criminals and hackers in the past, daily average number of people who access the dark web recently surpassed 3 million (based on Tor) worldwide. Cryptocurrencies have established themselves as the method for transactions. Most of crimes that occur within the dark web involve drugs followed by hacking tool, fraud, and pornography.
According to ‘the World Drug Report 2018’ issued by United Nations Office on Drugs and Crime (UNODC), 62% of crimes found through major marketplaces within the dark place involved drugs. In addition to drugs, guns, fraud, counterfeit, hacking, and malware were also traded through the marketplaces.
South Korea is also in a same boat as other countries. According to ‘Tor Matrix’ that provides statistics on the dark web access through Tor Browser, access rate that fell short of 10,000 people in January of 2019 approached 20,000 in July. Although the number of people who access the dark web has slightly gone down recently, daily average number of people who access the dark web is still around 13,000 people.
Criminals who had been active on the dark web distributing pornography and drugs were arrested. In May of last year, a criminal who had been distributing child pornography on the dark web was caught for the first time. This criminal had operated a site that provides child pornography on the dark web and received Bitcoins from the site’s users in return. According to the police, 156 people had uploaded and downloaded child pornography on the site.
Another criminal had operated a site that sold drugs on the dark web between March and November of last year and sold drugs with other dealers about 18 different times. The criminal was arrested and charged in December of last year and recently received 8 years of prison time. How crimes are taking place globally through the dark web is not much different in South Korea.
“Many transactions where drugs are purchased through cryptocurrencies on the dark web and are received at places like clubs take place secretly.” said a representative for the industry. “Although it is possible to trace operators with the dark web, it is not yet possible to trace people who purchase and use illegal materials within the dark web.”
◊Prosecutors and police taking actions
Although number of crimes on the dark web is on the rise, countermeasure and research on these crimes are still lacking. In addition, it is difficult to bring up the level of investigation ability in a short period of time as advanced countries are not sharing tracking information due to reasons such as national secret.
South Korea’s investigation agencies have finally recognized the threat of crimes on the dark web and started taking necessary actions. South Korean prosecutors set up Cyber Investigation Department at Seoul Eastern District Prosecutor’s Office in July of last year and it also formed an investigation team specializing the dark web at Seoul Central District Prosecutor’s Office this past month.
National Police Agency (NPA) along with Cyber Bureau and cyber safety departments from local governments are investigating crimes related to the dark web. NPA recently introduced a system that traces collection of illegal information within the dark web. This system automatically extracts illegal information created within the dark web and is linked to NPA’s local network. NPA’s plan is to collect and analyze keywords related to crimes and use identifications of operators for its investigations.
“South Korean police and prosecutors have recently recognized the fact that violet crimes that have recently occurred are linked to the dark web and secured necessary investigators and introduced a system that traces illegal information within the dark web.” said a representative for the industry. “However, they still need to strengthen their investigation abilities as their abilities are still in an infant stage compared to that of other advanced countries.”
Private research and investigation are still lacking. KISA (Korean Internet & Security Agency) and Ministry of Science and ICT are only dealing with demands for relevant technologies and they are not carrying out any separate activity such as investigation.
“Because it is even difficult to trace people who access the dark web as they are all anonymous, it requires high degree of technologies to trace people within the dark web.” said a representative for KISA. “Main investigation agencies are currently conducting R&D in areas where technical development is needed.”
Staff Reporter Jung, Youngil | jung01@etnews.com