In this digital netherworld, a market for pedophilia, human trafficking, weapons sales and hacking emerges

Cyber experts say you can anonymously hire a hacker to wreak havoc. Or your can buy malicious software and do it yourself.


The offer is blunt and chilling.

An individual by the name of Rent-A-Hacker claims in an online ad that you can hire him to destroy the reputation of any person or business you desire.

“If you want someone to get known as a child-porn user, no problem,” the ad reads. “I’ll do anything for money.”

That’s not hyperbole. Cyber experts said you can anonymously hire hackers to wreak havoc on everything from one person to tens of thousands of hospitals, banks, universities, power plants, government agencies and other major institutions and businesses worldwide.


Or you can buy malicious software and learn to do it yourself.

The process begins with a visit to the dark web, a secretive corner of the World Wide Web that’s starting to become as well-known for cyber attacks as it is for transactions involving illegal drugs, weapons, child pornography, human trafficking and stolen data.

The dark web is a digital netherworld where black-market sites are hidden from search engines such as Google and Bing. But visitors can explore and buy its wares with special browsers that conceal people’s identities and locations.

Hackers find this arrangement ideal for surreptitiously developing and distributing malware, planning cyber offensives and sidestepping law enforcement.

The dark web is so covert, it’s difficult to precisely track specific characters and their actions. Still, analysts believe the dark web and its main browser, Tor, played a key role in a recent series of high-profile cyber attacks that raised public awareness of hacking to a new level.

Two events have stood out.

Last October, hackers hijacked thousands of Internet-connected devices in people’s homes and used them in an attack that knocked out popular websites in the United States, including Netflix, PayPal, Twitter, Spotify and Airbnb.

That incident was followed in May by a more ambitious operation. Hackers unleashed WannaCry, a digital “worm” that infected more than 230,000 computers worldwide with ransomware. The worm — basically nasty software — froze computers’ operating systems and then demanded ransom in exchange for relinquishing control of those machines.


The attack disrupted hospital care in England, closed gas stations in parts of China, crippled some railway operators in Germany, slowed auto production in France and interfered with FedEx’s delivery system in Europe.

“The general public is beginning to realize that while they’ve been busy with online shopping and banking and Facebook and YouTube, the darker elements of society have been developing their own uses of the internet,” said Stephen Cobb, a researcher in the San Diego office of ESET, a cybersecurity firm.

“They’re leveraging its anonymity and ubiquity to enable a wide range of crimes, both digital and physical.”

For a number of reasons, things are expected to get worse.

It’s becoming easier to buy products and services on the dark web due to the growing acceptance of Bitcoin, a digital currency that can be hard to trace.

The world also is experiencing explosive growth in the use of web-connected devices, giving hackers ever more targets. That’s especially true in people’s homes, where such things as refrigerators, thermostats, nanny cams and toothbrushes are being linked the web.

Many of these devices have little or no security.

Hackers also are getting better at stealing and selling data, particularly electronic health records, which sell for $500 on the dark web.


Law enforcement has battled some of these hackers successfully. Most recently, they shut down AlphaBay, a huge dark web black market.

But most of the time, investigators struggle to identify cyber criminals. By definition, the dark web is meant to be mostly hidden and secret.

“There’s no one to subpoena,” said Special Agent Nicholas Arico, who works cybercrime out of the San Diego office of the FBI.

In recent weeks, the credit bureau Experian has been running TV ads that highlight the dangers of the dark web. Such advertising is welcomed by cyber experts, who say the public is confused by much of the online world, and how it can affect their lives.

At a minimum, people should know that the web is composed of three neighborhoods, each which have different names and functions.

The public is most familiar with the “surface web,” the term used for public sites that can be found with standard search engines like Google, Yahoo and Bing. This is where Facebook lives. And CNN. And WebMD.


There are about 1 billion of these websites, but they make up only four percent of the World Wide Web. The other 96 percent is called the “deep web,” which is mostly composed of databases run by government agencies, financial institutions, health systems, libraries, and colleges and universities.

All of these databases have addresses. But for privacy and protection, they’re not indexed. They cannot be easily found with standard search engines. But you can use a browser to visit the sites if you know the address. Most of these sites require log-ins, and many are not open to the public for any reason.

Then there’s the “dark web,” a subset of the deep web that’s composed of about 7,200 sites. It’s called dark because it’s hard to find and it’s content is hidden.

Analysts say that hundreds of sites on the dark web are forums and black markets where millions of dollars in illegal commerce occurs each day. You can buy everything from grenade launchers to opioids to hacking tools stolen from the National Security Agency.

The criminality is so widespread it obscures the fact that the dark web also broadly benefits society through the use of customized browsers, particularly Tor, which can be downloaded for free.

Tor and its support network are so effective at hiding a person’s identity and location they’re widely used by whistleblowers, journalists, businesses, non-government organizations, the military, and political dissidents, including people who were involved in the Arab Spring uprising in the Middle East.


“The Tor network is used every day all across the world to help people in oppressive regimes to communicate anonymously without fear for their safety,” said Christine Runnegar, a staff adviser at the Internet Society, an advocacy group based in Reston, Virginia.

“It’s an important human rights tool. Chances are a library near you acts as a Tor exit relay.”

The browser also is used by people who simply wish to remain anonymous so that they can avoid having information about their lives collected by governments, corporations and social networks. About 1 million people use Tor to access Facebook.

Tor represents a scientific advance that is being used for good and ill. And the downside generates a lot of concern and frustration.

The Wannacry and Petya ransomware attacks in May and June “started from NSA tools that were leaked on to the dark web,” said Kevin O’Brien, chief executive officer of GreatHorn, a Boston-based cyber company.

“The amount of off-the-shelf malware for sale on the dark web is expanding daily.”

Gary Davis, a security evangelist at Santa Clara-based McAfee says, “We are also seeing an increase in malware-as-a-service being made available where, after answering a few quick questions and providing payment, anyone can launch an attack. You can even find how-to videos on YouTube that step you through how to use malware and launch attacks.”


The situation represents a nightmare for law enforcement.

“It’s incredibly difficult to prove who is doing these actions -- there’s anonymity on the Internet and then hackers can bounce their attacks across countries, often utilizing countries where there aren’t laws against it or where the authorities don’t have time or expertise to try to help the US in tracking down these criminals,” said Ben Johnson, chief technology officer at Obsidian Security in Newport Beach.

It’s painstaking work.

The FBI’s Arico said, “One of the things we do to determine if someone is a big player in the market is just look at their moniker and say ‘How many transactions did that particular individual do and what’s the size of their Bitcoin wallet?’

“It’s one of those things where you have to use traditional law enforcement techniques coupled with new technology. We’re constantly having to reinvent new ways to gain attribution.

“The most difficult thing in any type of cyber investigation — specifically in a dark market — is putting the person behind the computer.”

The situation represents “a global problem and won’t go away until there is much better legal cooperation between key countries, especially Russia, China and the West,” said Satya Gupta, co-founder and chief technology officer of San Jose-based Virsec.

“The hackers are nimble, good at hiding their tracks, and can more easily monetize activity through Bitcoin, or complex chains of Paypal accounts.”


“This will be an ongoing arms race between well organized, and well-funded hackers, and businesses and individuals that are getting smarter about security. There is no easy cure for this other than constant vigilance.”

Robbins writes for the San Diego Union-Tribune.

Twitter: @grobbins


Their code was used to hack Sony and create ‘WannaCry.’ Meet the ‘Lazarus Group,’ the armed robbers of the Internet


Girl Scouts offers merit badges for making friends, painting and horseback riding. Up next: cybersecurity

‘WannaCry’ ransomware attack shows why Apple refused to hack terrorist’s iPhone

Trump’s plan to create a cybersecurity partnership with Putin draws ridicule from within his own party