A Sussex link to a `routine’ US child abuse inquiry has led to the exposure of a global ring using KGB codes to hide in cyberspace. Stuart Millar reports
Even by the increasingly sophisticated standards of Internet child pornographers, the Wonderland club operated on a technological and organisational level which shocked investigating authorities around the world.
More than 100 people were arrested in 12 countries last week as police acted against the Wonderland club, described as one of the world’s most sophisticated paedophile rings.
More than 100 000 indecent images of children, some of them as young as two, were uncovered during raids in the United States, Australia and European countries including Britain, Finland, Norway, Italy, Portugal and Germany. Officers believe members were among the most active child pornographers using the Internet.
Much like the most exclusive of private clubs, membership was on a strict invitation-only basis, with nominations having to be approved by senior figures within the organisation.
Status in the organisation, according to police, appears to have been based on whether individuals produced their own material, for example by abusing family members, or compiled their stock from Internet images.
The club restricted its membership to people already among the most active in cyberspace’s child sex scene. A basic criterion before candidates could be nominated for membership was that they possessed at least 10 000 images of child pornography. But not just any 10 000; many of them had to be different from any of those held by other members.
It is this aspect which most alarmed child protection agencies and police, and which sets the Wonderland club apart from previously uncovered paedophile rings.
`Just to get through the door, members had to already have access to an incredible number of images,” says Ruben Rodriguez, of the US-based National Centre for Missing and Exploited Children. “I think we can conclude that we are talking about the hard core of Internet child pornographers.”
To protect its exclusivity, Wonderland’s network on the Internet was shielded by an extremely advanced security system.
Unconfirmed reports from the US claim it even used a code originally developed by the KGB to encrypt all its communications. As a result, Wonderland was able to exist in complete secrecy.
In the end, it was not the high-tech scanning and tracking of Internet sites which revealed the club’s existence; instead the mammoth global investigation, codenamed Cathedral, which led to the arrests was sparked by a US police investigation into a routine child abuse allegation.
In June 1996, the mother of a 10- year-old girl in a Californian farming community contacted police after her daughter complained that she had been abused by the father of a friend when she stayed at their house overnight.
Local detectives discovered that the man’s house contained digital equipment capable of broadcasting live pictures of abuse on the Internet.
Computer files containing pornography were also recovered. Shortly afterwards, another man was arrested and the FBI and US Customs were called in.
It emerged that the two men were part of an international paedophile ring, known as the Orchid Club, which was abusing children as young as five and broadcasting pictures on the Internet.
According to the California state indictment, the club’s activities included the videotaping of a five-year- old girl somewhere in the Midwest of America. At least 11 men had watched the child being abused live on the Internet. During the session they had sent requests to the man abusing her, detailing the abuse they wished to see.
The investigation identified three Britons involved in the club, one of whom lived in Hastings, East Sussex.
Tipped off by US Customs, Sussex police raided his house and seized his computer equipment. It was only when this was being analysed that they uncovered the existence of the far bigger and more sophisticated ring which styled itself the Wonderland club.
After preliminary investigations, Sussex police handed the investigation to the National Crime Squad, which in turn passed information to police forces in 11 other countries.
Amid fears that children were being abused on a continuing basis, British police set a deadline for the investigation.
There was, however, still some way to go before arrests could be made. As well as being faced with the encryption system, the information from the Hastings computer identified not real people but merely a series of “screen names” – the nicknames they used to communicate.
Investigators in each country then had to link the screen name to an Internet service provider, which was contacted to establish the identity of the user. Most of the membership appears to have come from the US.
During the raids, police discovered computer images, video tape, photographs, and AVI (audio- visual) computer files which showed motion sequences of abuse. Unlike the Orchid Club, no evidence of live digital broadcasts was discovered in the US.
The swoop does not mark the end of the operation. Officers must now attempt to identify the children involved. Experts say the task will be made more arduous as it is difficult to tell how old an image is. A 10-year-old in a picture may now be 40.
The hope in the meantime is that operation Cathedral has halted the abuse.