
fuagf

11/08/13 6:17 AM

#213128 RE: fuagf #205604

Everything You Need to Know About Silk Road, the Online Black Market Raided by the FBI

An explainer

By Jessica Roy @jessicakroy Oct. 04, 2013



On Wednesday the federal government raided and shut down online drug marketplace Silk Road .. http://nation.time.com/2013/10/02/alleged-silk-road-proprietor-ross-william-ulbricht-arrested-3-6m-in-bitcoin-seized/ .. and arrested its alleged proprietor, Ross William Ulbricht. Silk Road had been in operation since roughly January 2011, but was obscured from normal web traffic because it was hosted on something called the “Deep Web.”

If you’ve never heard of Silk Road or the Deep Web, or have heard of them but have trouble grasping the technology or concepts involved, this explainer is for you.

So what is Silk Road?

Silk Road is an online marketplace where users can purchase everything from illegal drugs to unlicensed firearms. It is hosted on the “Deep Web,” a collection of websites that are not indexed by search engines and thus hidden from public view. The deep web is accessible only by downloading special software called Tor, which anonymizes web traffic.

[ Feds Raid Online Drug Market Silk Road ..
http://nation.time.com/2013/10/02/alleged-silk-road-proprietor-ross-william-ulbricht-arrested-3-6m-in-bitcoin-seized/ ]

How does the Deep Web work?

Think of every message sent through the Internet–whether it be an email, a tweet or traffic to a website–as being a mailbag full of letters. Your I.P. address, or “Internet Protocol” address, can be likened to the letters’ return address. When a user uses the Tor Browser bundle (which provides the Tor software plus a browser) instead of a regular browser like Chrome or Firefox, the letters become encrypted so that the content of the letters can’t be read. The encryption also obscures the return address, making it impossible to tell where the letters came from.

Tor then takes these encrypted letters (technically called “packets”) and passes them through a large network of routers, which are intermediaries that direct Internet traffic, much like a post office directs letters. The routers pass the letters back and forth between one another, further obscuring the letters’ source. Each time a letter passes through a router, it’s decrypted slightly, so that the router knows where next to send it, and re-encrypted. Eventually, each letter will reach a router designated as an “exit node,” where the final layer of encryption is decrypted, revealing the original. The letter is then stamped with the exit node’s IP address (like a new return address), and is sent to its destination.

This means that if a user accesses websites using Tor, their activity online is virtually anonymous .. http://topics.time.com/anonymous/ .. and much more difficult to track than traffic passed through a typical browser like Chrome. People who want to do illegal things on the Internet, such as purchase drugs through Silk Road, use Tor so that their online activity is more difficult to track.

Websites on the Deep Web also have a different URL construction than websites on the “surface web,” the web we use every day. Domains on the Deep Web end with the extension “.onion” instead of the popular “.com”, and the text before the domain, such as “time” in “time.com,” is a series of randomly generated numbers and letters. Silk Road’s domain, for example, was http://silkroadvb5piz3r.onion.

If you try to go to a .onion URL on a normal browser like Chrome, it will not work. .onion URLs only work using the Tor software.

Who uses the Deep Web?

Though the Deep Web does have its share of criminals and hackers (just like the surface web), it also serves some pretty important functions. For one thing, Tor software can be used by citizens in countries with governments that closely monitor their Internet activity and curtail their free speech. The Tor project, the 501c3 nonprofit that maintains the Tor network and software, states on their website that journalists, militaries, law enforcement, activists and whistleblowers use Tor.

Who made the Deep Web?

The “Deep Web,” or Tor network, was actually originally funded by the U.S. Naval Research Laboratory, which developed the network with the hope that it could properly protect and encrypt government communications. From 2004 to 2005 it was supported by the Electronic Frontier Foundation, but is now run by the Tor Project. To this day it is still largely funded by government organizations across the world .. https://www.torproject.org/about/sponsors.html.en , including the United States.

Okay, so what can you buy on Silk Road?

Any sort of illicit drug like heroin, cocaine and methamphetamine could be procured on Silk Road before its shuttering, alongside illegal firearms, hacking tools like keylogging software, the services of hackers who promised hacks like infiltrating the Facebook or Twitter profiles of your choice, fireworks, forged documents and more.

How do you buy things on Silk Road?

If you wanted to purchase anything on Silk Road, you would first have to possess a type of online money called Bitcoin .. http://observer.com/2013/04/its-all-about-the-bitcoin-baby/ :

-----
Created by a Japanese programmer named Satoshi Nakamoto (a pseudonym) in 2008, bitcoin is what’s known as a cryptocurrency. It’s both a decentralized currency and a payment system that exists entirely online, allowing users to exchange money anonymously.
-----

Instead of inputting their credit card numbers, which even on the Tor network would make their purchases easy to track, Silk Road users instead purchased Bitcoin from an exchange like Mt. Gox, and then used those to make purchases on Silk Road. Silk Road also uses a special money laundering function called a “tumbler” that further anonymizes transactions.

Bitcoin’s value is based on the market; currently, one Bitcoin is worth about $115. Bitcoin can easily be exchanged for cash online.

What does Silk Road look like?

Once you downloaded Tor and navigated to http://silkroadvb5piz3r.onion, you’d be greeted with a login screen asking for your username and password. If you wanted to register for a new account, you’d follow the link for new users and all Silk Road required you enter was a username, password and country, and you would be registered as a new buyer. New seller accounts are limited, however, and must be purchased at auction.

Once inside, Silk Road looks like an average ecommerce website, albeit one stocked with drugs and guns and hacking equipment instead of clothes and home goods. In the complaint filed by the FBI yesterday, the agent responsible for investigating Silk Road included an example of what Silk Road looks like:


[hidden: Screen Shot 2013-10-03 at 1.15.12 PM]


[hidden: Screen Shot 2013-10-03 at 1.15.37 PM]

Is Tor still private?

Yes and no. Technically web traffic is still private on Tor as the network itself remains unchanged, but that doesn’t mean Tor users are completely untraceable, as Ulbricht’s arrest indicates.

This all sounds interesting. I think I’m going to download Tor and poke around Silk Road.

Glad you’re curious, but after the feds arrested Ross William Ulbricht, the alleged operator of Silk Road, they seized the website and shut down all operations. When you head to Silk Road now, all you’ll find is this message:


[hidden: Screen Shot 2013-10-02 at 1.20.59 PM]

Oh okay, I wouldn’t want to get arrested anyway.

Going on the Deep Web won’t get you arrested. Plenty of people use Tor to access normal surface websites–like Time.com!–but opt to access the Internet through Tor, rather than directly with Chrome or other browsers for privacy reasons. Tor Browser can function like a normal browser, but it can also access “deep web” websites.

The Deep Web has become infiltrated with cybercrime because it is much more private than the surface web, allowing criminals to operate in the shadows. We don’t recommend exploring the Deep Web if you’re not very knowledgeable about it, as it could leave your computer open to cyberattacks. If you do decide to explore the Deep Web, make sure you don’t click on any suspicious links, or you could end up looking at illegal and upsetting material like child pornography or snuff films.

[ More: Alleged Black Market Operator Indicted in Murder-for-Hire Scheme
http://nation.time.com/2013/10/03/alleged-black-market-operator-indicted-in-new-murder-for-hire-scheme/ ]

http://nation.time.com/2013/10/04/a-simple-guide-to-silk-road-the-online-black-market-raided-by-the-fbi/

F6

02/06/14 1:54 AM

#218078 RE: fuagf #205604

Assault on California Power Station Raises Alarm on Potential for Terrorism




An attack on a PG&E substation near San Jose, Calif., in April knocked out 17 transformers like this one.
Talia Herman for The Wall Street Journal


Video [embedded]
A sniper attack in April that knocked out an electrical substation near San Jose, Calif., has raised fears that the country's power grid is vulnerable to terrorism. WSJ's Rebecca Smith has the details.

Video [embedded]
With over 160,000 miles of transmission lines, the U.S. power grid is designed to handle natural and man-made disasters, as well as fluctuations in demand. How does the system work? WSJ's Jason Bellini has #TheShortAnswer.


April Sniper Attack Knocked Out Substation, Raises Concern for Country's Power Grid

By Rebecca Smith
Feb. 4, 2014 10:30 p.m. ET

SAN JOSE, Calif.—The attack began just before 1 a.m. on April 16 last year, when someone slipped into an underground vault not far from a busy freeway and cut telephone cables.

Within half an hour, snipers opened fire on a nearby electrical substation. Shooting for 19 minutes, they surgically knocked out 17 giant transformers that funnel power to Silicon Valley. A minute before a police car arrived, the shooters disappeared into the night.

To avoid a blackout, electric-grid officials rerouted power around the site and asked power plants in Silicon Valley to produce more electricity. But it took utility workers 27 days to make repairs and bring the substation back to life.

Nobody has been arrested or charged in the attack at PG&E Corp.'s Metcalf transmission substation. It is an incident of which few Americans are aware. But one former federal regulator is calling it a terrorist act that, if it were widely replicated across the country, could take down the U.S. electric grid and black out much of the country.

The attack was "the most significant incident of domestic terrorism involving the grid that has ever occurred" in the U.S., said Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission at the time.

The Wall Street Journal assembled a chronology of the Metcalf attack from filings PG&E made to state and federal regulators; from other documents including a video released by the Santa Clara County Sheriff's Department; and from interviews, including with Mr. Wellinghoff.

The 64-year-old Nevadan, who was appointed to FERC in 2006 by President George W. Bush and stepped down in November, said he gave closed-door, high-level briefings to federal agencies, Congress and the White House last year. As months have passed without arrests, he said, he has grown increasingly concerned that an even larger attack could be in the works. He said he was going public about the incident out of concern that national security is at risk and critical electric-grid sites aren't adequately protected.

The Federal Bureau of Investigation doesn't think a terrorist organization caused the Metcalf attack, said a spokesman for the FBI in San Francisco. Investigators are "continuing to sift through the evidence," he said.

Some people in the utility industry share Mr. Wellinghoff's concerns, including a former official at PG&E, Metcalf's owner, who told an industry gathering in November he feared the incident could have been a dress rehearsal for a larger event.

"This wasn't an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation," Mark Johnson, retired vice president of transmission for PG&E, told the utility security conference, according to a video of his presentation. "This was an event that was well thought out, well planned and they targeted certain components." When reached, Mr. Johnson declined to comment further.

A spokesman for PG&E said the company takes all incidents seriously but declined to discuss the Metcalf event in detail for fear of giving information to potential copycats. "We won't speculate about the motives" of the attackers, added the spokesman, Brian Swanson. He said PG&E has increased security measures.



Utility executives and federal energy officials have long worried that the electric grid is vulnerable to sabotage. That is in part because the grid, which is really three systems serving different areas of the U.S., has failed when small problems such as trees hitting transmission lines created cascading blackouts. One in 2003 knocked out power to 50 million people in the Eastern U.S. and Canada for days.

Many of the system's most important components sit out in the open, often in remote locations, protected by little more than cameras and chain-link fences.

Transmission substations are critical links in the grid. They make it possible for electricity to move long distances, and serve as hubs for intersecting power lines.

Within a substation, transformers raise the voltage of electricity so it can travel hundreds of miles on high-voltage lines, or reduce voltages when electricity approaches its destination. The Metcalf substation functions as an off-ramp from power lines for electricity heading to homes and businesses in Silicon Valley.

The country's roughly 2,000 very large transformers are expensive to build, often costing millions of dollars each, and hard to replace. Each is custom made and weighs up to 500,000 pounds, and "I can only build 10 units a month," said Dennis Blake, general manager of Pennsylvania Transformer in Pittsburgh, one of seven U.S. manufacturers. The utility industry keeps some spares on hand.

A 2009 Energy Department report said that "physical damage of certain system components (e.g. extra-high-voltage transformers) on a large scale…could result in prolonged outages, as procurement cycles for these components range from months to years."

Mr. Wellinghoff said a FERC analysis found that if a surprisingly small number of U.S. substations were knocked out at once, that could destabilize the system enough to cause a blackout that could encompass most of the U.S.

Not everyone is so pessimistic. Gerry Cauley, chief executive of the North America Electric Reliability Corp., a standards-setting group that reports to FERC, said he thinks the grid is more resilient than Mr. Wellinghoff fears.

"I don't want to downplay the scenario he describes," Mr. Cauley said. "I'll agree it's possible from a technical assessment." But he said that even if several substations went down, the vast majority of people would have their power back in a few hours.

The utility industry has been focused on Internet attacks, worrying that hackers could take down the grid by disabling communications and important pieces of equipment. Companies have reported 13 cyber incidents in the past three years, according to a Wall Street Journal analysis of emergency reports utilities file with the federal government. There have been no reports of major outages linked to these events, although companies have generally declined to provide details.

"A lot of people in the electric industry have been distracted by cybersecurity threats," said Stephen Berberich, chief executive of the California Independent System Operator, which runs much of the high-voltage transmission system for the utilities. He said that physical attacks pose a "big, if not bigger" menace.

There were 274 significant instances of vandalism or deliberate damage in the three years, and more than 700 weather-related problems, according to the Journal's analysis.

Until the Metcalf incident, attacks on U.S. utility equipment were mostly linked to metal thieves, disgruntled employees or bored hunters, who sometimes took potshots at small transformers on utility poles to see what happens. (Answer: a small explosion followed by an outage.)

Last year, an Arkansas man was charged with multiple attacks on the power grid, including setting fire to a switching station. He has pleaded not guilty and is undergoing a psychiatric evaluation, according to federal court records.

Overseas, terrorist organizations were linked to 2,500 attacks on transmission lines or towers and at least 500 on substations from 1996 to 2006, according to a January report from the Electric Power Research Institute, an industry-funded research group, which cited State Department data.

To some, the Metcalf incident has lifted the discussion of serious U.S. grid attacks beyond the theoretical. "The breadth and depth of the attack was unprecedented" in the U.S., said Rich Lordan, senior technical executive for the Electric Power Research Institute. The motivation, he said, "appears to be preparation for an act of war."

The attack lasted slightly less than an hour, according to the chronology assembled by the Journal.

At 12:58 a.m., AT&T fiber-optic telecommunications cables were cut—in a way that made them hard to repair—in an underground vault near the substation, not far from U.S. Highway 101 just outside south San Jose. It would have taken more than one person to lift the metal vault cover, said people who visited the site.

Nine minutes later, some customers of Level 3 Communications, an Internet service provider, lost service. Cables in its vault near the Metcalf substation were also cut.

At 1:31 a.m., a surveillance camera pointed along a chain-link fence around the substation recorded a streak of light that investigators from the Santa Clara County Sheriff's office think was a signal from a waved flashlight. It was followed by the muzzle flash of rifles and sparks from bullets hitting the fence.

The substation's cameras weren't aimed outside its perimeter, where the attackers were. The shooters appear to have aimed at the transformers' oil-filled cooling systems. These began to bleed oil, but didn't explode, as the transformers probably would have done if hit in other areas.

About six minutes after the shooting started, PG&E confirms, it got an alarm from motion sensors at the substation, possibly from bullets grazing the fence, which is shown on video.

Four minutes later, at 1:41 a.m., the sheriff's department received a 911 call about gunfire, sent by an engineer at a nearby power plant that still had phone service.

Riddled with bullet holes, the transformers leaked 52,000 gallons of oil, then overheated. The first bank of them crashed at 1:45 a.m., at which time PG&E's control center about 90 miles north received an equipment-failure alarm.

Five minutes later, another apparent flashlight signal, caught on film, marked the end of the attack. More than 100 shell casings of the sort ejected by AK-47s were later found at the site.

At 1:51 a.m., law-enforcement officers arrived, but found everything quiet. Unable to get past the locked fence and seeing nothing suspicious, they left.

A PG&E worker, awakened by the utility's control center at 2:03 a.m., arrived at 3:15 a.m. to survey the damage.

Grid officials routed some power around the substation to keep the system stable and asked customers in Silicon Valley to conserve electricity.

In a news release, PG&E said the substation had been hit by vandals. It has since confirmed 17 transformers were knocked out.

Mr. Wellinghoff, then chairman of FERC, said that after he heard about the scope of the attack, he flew to California, bringing with him experts from the U.S. Navy's Dahlgren Surface Warfare Center in Virginia, which trains Navy SEALs. After walking the site with PG&E officials and FBI agents, Mr. Wellinghoff said, the military experts told him it looked like a professional job.

In addition to fingerprint-free shell casings, they pointed out small piles of rocks, which they said could have been left by an advance scout to tell the attackers where to get the best shots.

"They said it was a targeting package just like they would put together for an attack," Mr. Wellinghoff said.

Mr. Wellinghoff, now a law partner at Stoel Rives LLP in San Francisco, said he arranged a series of meetings in the following weeks to let other federal agencies, including the Department of Homeland Security, know what happened and to enlist their help. He held a closed-door meeting with utility executives in San Francisco in June and has distributed lists of things utilities should do to strengthen their defenses.

A spokesman for Homeland Security said it is up to utilities to protect the grid. The department's role in an emergency is to connect federal agencies and local police and facilitate information sharing, the spokesman said.

As word of the attack spread through the utility industry, some companies moved swiftly to review their security efforts. "We're looking at things differently now," said Michelle Campanella, an FBI veteran who is director of security for Consolidated Edison Inc. in New York. For example, she said, Con Ed changed the angles of some of its 1,200 security cameras "so we don't have any blind spots."

Some of the legislators Mr. Wellinghoff briefed are calling for action. Rep. Henry Waxman (D., Calif.) mentioned the incident at a FERC oversight hearing in December, saying he was concerned that no one in government can order utilities to improve grid protections or to take charge in an emergency.

As for Mr. Wellinghoff, he said he has made something of a hobby of visiting big substations to look over defenses and see whether he is questioned by security details or local police. He said he typically finds easy access to fence lines that are often close to important equipment.

"What keeps me awake at night is a physical attack that could take down the grid," he said. "This is a huge problem."

—Tom McGinty contributed to this article.

Related

Q&A: What You Need to Know About Attacks on the U.S. Power Grid
http://blogs.wsj.com/corporate-intelligence/2014/02/05/qa-what-you-need-to-know-about-attacks-on-the-u-s-power-grid/


Copyright ©2014 Dow Jones & Company, Inc.

http://online.wsj.com/news/articles/SB10001424052702304851104579359141941621778 [with comments]


--


Alarming attack on power grid goes unsolved

The Rachel Maddow Show
February 5, 2014

Rebecca Smith, energy reporter for the Wall Street Journal, talks with Rachel Maddow about a sophisticated, mysterious attack on a California power station.

©2014 NBCNews.com

http://video.msnbc.msn.com/rachel-maddow/54286353 [show links at http://www.msnbc.com/rachel-maddow-show/links-the-25-trms-0 (no comments yet)]