For many, the idea of a secret, online illicit drugs marketplace seems fantastical. In a world of increasing Internet censorship, the idea that a group can freely offer and sell internationally-controlled substances appears excessively idealistic.
Yet, Silk Road exists, or at least it did exist. Recently, the website has been hit with a series of distributed denial-of-service (DDoS) attacks, which overloaded the site’s bandwidth pipeline and made the service inaccessible. At the time of the writing of this article, the site was operational, but registration was blocked due to site maintenance.
The Silk Road anonymous marketplace is a darknet site that permitted buyers to anonymously buy and sell illicit substances without fear of being connected to the transaction in the real world. Buyers connect to the website using the Tor Network — a private network of proxy computers and encrypted, private connections which disguises the Internet Protocol (IP) address of both the requesting computer and the server in which a connection is sought. Transactions are paid by using bitcoins, a decentralized, virtual currency favored by certain communities because it maintains no link to any bank or monetary account.
Recent listings on Silk Road have included everything from uncut black tar heroin to LSD; from a forged Australian electric bill (to prove Australian residency) to trained assassins for hire. In 2011, Sens. Charles Schumer (D-N.Y.) and Joe Manchin (D-W.V.) asked the Justice Department to investigate and crack down on the secretive contraband market. The Justice Department has not released any details about any investigations it may have initiated into the matter. In part due to the notoriety developed from the senators’ inquiry, Silk Road generates about $22 million in annual sales, according to Forbes, and is the largest handler of bitcoins.
On Saturday, the website posted a notice indicating that it had received an email from a user with the handle “Lance G,” threatening to knock the service offline unless he was paid $5,000. Spokespersons from Silk Road confirmed that the DDoS attacks did originate from a blackmailer.
Theories on the nature of this attack are numerous. One popular theory has that law enforcement attacked England’s largest online drug store front. Another is that a potential competing service initiated the attack. Silk Road insiders have offered the $5,000 “ransom” as a reward for anyone offering information that leads to the arrest and conviction of “whoever is behind this extortion attempt.”
Bitcoins and the economy of drug use
Silk Road’s bitcoin-based economy is highly subject to hyperinflation. Incidents like the April 10 yo-yoing of the bitcoin’s value from $266 per bitcoin to $105 before returning to $160 within a six-hour period suggest that bitcoins are less of a currency and more of a commodity. The exponential growth in bitcoin value — one bitcoin went from exchanging for $13 at the beginning of the year to $190 per bitcoin by April 9 — suggests an environment that would encourage hoarding rather than free exchange, particularly when considering that the global bitcoin supply is finite.
The “Dread Pirate Roberts,” founder of the Silk Road, feels no threat from such instability. In a public statement made to Forbes, the “Dread Pirate Roberts” said, “Bitcoin’s foundation, its algorithms and network, don’t change with the exchange rate. It is just as important to the functioning of Silk Road at $1 as it is at $1,000. A rapidly changing price does have some effect, but it’s not as big as you might think.”
Sellers on Silk Road can peg their prices to the U.S. dollar, which automatically adjusts them to the current buying power of the bitcoin. In addition, Silk Road also has buyer protections, such as an eBay-style escrow system that holds the bitcoins used in the transaction in third-party hands until a product’s delivery has been confirmed.
Additionally, as a Silk Road user who goes by the handle “Astor” argues:
“What keeps [Silk Road’s] business afloat in this deflationary period is the large percentage of irrational actors in the drug community. I think they fall into two categories: 1. Ignorant/uninformed people. These are people who just want drugs and don’t follow bitcoin. They buy when they need coins and spend immediately. 2. Addicts. People who need their drugs and will pay for them, despite knowing that they could buy twice as much for the same money in a week.”
Distributed denial-of-service attacks
While the DDoS attack on Silk Road was inconvenient for some, it reflects a bigger problem. On Tuesday, GoDaddy — one of the world’s largest web hosting and Internet domain name registry firms — was hit with a DDoS attack, which knocked offline a major part of the service’s European infrastructure. “Some of our customers in Europe experienced intermittent website connectivity earlier today. We mitigated what was a large-scale attack on our European Internet infrastructure,” said Nick Fuller, GoDaddy’s communication manager.
According to a report from Solutionary, a company can spend up to $6,500 per hour recovering from a DDoS attack and up to $3,000 a day to mitigate and recover from a malware infection. A DDoS attack — in which malware attacks multiple computers, forcing the computers to make cascading calls for information to a target website, clogging up its bandwidth and denying access for legitimate calls to the website — has become the favored way to attack an Internet service, due to the fact that it does not actually change or infect the target system.
In March of this year, the single largest DDoS attack knocked global Internet connection speeds to a crawl as Spamhaus — an anti-spam group — was hit by an individual going by the handle “SK” with an attack that reached 300 gigabits per second.
To put this number into context, at that rate the entire U.S. Library of Congress could be downloaded in less than eight hours. The attack knocked Spamhaus offline for five days.
Most Internet-connected devices — including computers used by government agencies, major companies, industry regulators and banks — use Internet protocols which are ping-based and are therefore susceptible to DDoS. With a reported 718 percent increase this year (according to a study by Prolexic Technologies) in overall bandwidth consumed by DDoS attacks, and with a recent report by Verizon stating that most recent DDoS attacks have come from activist groups, there are real reasons to be concerned by the threat of a DDoS attack.
After the 2010 hurricane off Myanmar, an international DDoS attack blocked access to various media sites, blocking access to government news. Likewise following the recent Boston Marathon bombing, Reddit was shut down for about an hour by a DDoS attack, receiving more than 400,000 illegitimate requests per second.