The Internet is not anonymous. Wherever you go, you leave traces that show who you really are. Some of them are bigger than others, but the bigger one is your IP address.
If someone has your IP address it is not difficult to find out your identity.
What are IP addresses?
Before mentioning the practices, let's define what an IP address is. In short it is a number that identifies a computer on a network. There are two types of systems definition currently in use: IPv4 and IPv6.
In addition, there are two categories of IP addresses. Private IP addresses are used to identify machines on a closed (local) network. Your home Wi-Fi network, for example, has private IP addresses that allow your computer to talk to your game console, your router. Every device that connects to the internet also has a unique internal IP address.
Then there are the IP addresses used throughout the Internet for exactly the same purpose. Your Internet Service Provider (ISP) has an address that comes in one of two forms: static or dynamic.
Static IP addresses are fixed. Like your phone number. Even if you change your device number it remains the same. A static IP address never changes.
Dynamic IP addresses are commonly used in homes or businesses. Unlike static addresses, they change. The ISP changes IP addresses on the network almost every day. This is a more economical solution as it allows easier maintenance and disposal by ISPs.
Most websites maintain detailed logs for their visitors for many reasons. For example, a website such as Facebook or Dropbox is used to commit a crime. Someone created a fake account to post content that violates the law.
Authorities can find out who this person is by asking the website what the person's IP was.
IP addresses identify computers, not individuals. To overcome this hurdle, researchers must first determine which ISP owns this IP address.
This is very easy of course. ISPs usually have "blocks" or "groups" of IP addresses. They are recorded in public databases operated by the RIR (Regional Internet Register). There are five registries and each is responsible for managing IP addresses in its own area. Thus, finding an ISP is simply a matter of entering the IP address into the correct database.
If you search for an IP on Google, you will find dozens of websites that can help you find the hosting company. You can also use the Whois tool to get the same results.
Once you know the ISP, it's just a matter of routine. As we have mentioned in previous publications, the Authorities may oblige individuals or companies to provide evidence that they have. Otherwise, a fine or imprisonment may be imposed.
Authorities can then access the name and address of the subscriber who committed the offense.
But what if your ISP uses dynamic addresses?
It does not matter, because ISPs, like websites, keep logs. By looking at their files, they can easily identify which subscriber had a specific IP address at a particular time.
Of course, this does not necessarily mean that we have found the criminal. If, for example, he used public Wi-Fi to commit the crime, the authorities can only locate this public access point.
However, then they can continue the search, looking at footage from security cameras etc.
It is worth noting that law enforcement agencies are not the only ones interested in naming IP addresses. Attorneys or law firms often collect IP addresses that are used to obtain pirated content. They then issue calls to ISPs asking for their customers' contact information.
Of course, anyone can access the internet anonymously, using Tor or a VPN. There are services VPN claiming that they do not maintain usage logs, although it is difficult to verify whether this is true or not.
Connecting from a VPN chain makes your identification much more difficult. Authorities can track an IP address in a VPN company, but if a criminal connects to that VPN from one to another and then another, authorities will have to search many computers and different companies to find out more details.
It should be noted that if the use of VPNs is combined with an operating system like Qubes, the detection of the culprit will become much more difficult.
Tracking IP addresses is not the only way to catch cybercriminals. For example, o Ross Ulbricht, who was managing the DarkWeb mine-silk Road, was caught revealing his real name on an online message board.