The Dark Web, Part 1

Created 4 years 169 days ago
by RitaP

Tags:
Categories: categoryCyber Security Intelligence
Views: 3167
Understanding the WEB to Shed Some Light on the Dark Web

by David Wren

As a function of changes in how people work resulting from COVID-19, computer users are experiencing a “new normal” as they transition from working at home to practicing flextime in the office. These changes have led to an exponential increase in illicit hacker activity and data compromises. So often, we hear that a company’s data, usernames, passwords, social-security numbers, and more are for sale on the “dark web.” I thought I would use the next few articles to shed light on the dark web.

We can classify the internet into three categories: surface web, deep web, and dark web. Everyone is familiar with the surface web. We use it every day. We hop onto Google, Bing or Yahoo and go to any of the millions of websites that have been indexed by these search engines. Generally, the surface web represents a very small fraction of the overall WWW. Most experts say that 4% or less of the internet is indexed and searchable.

When you search through the surface web, your online activities are being followed, logged and indexed, which is why, when you search for a new pair of boots, you are bombarded with advertising related to your search. Collecting and selling your search activity is big business for the search engines, social media sites and companies that harvest your search information. Even in our connected world, you can get a pop-up ad on your smart device when you are near a store or restaurant that sells something in which you are interested. These brick-and-mortar businesses are likely subscribers to surface-web data collection.

The deep web is a subterranean layer of the internet that is hidden from conventional search engines and encompasses between 96% and 99% of the internet. The deep web includes data contained in private networks, such as medical records, research papers, financial documents, subscriptions, government reports, databases, etc. Generally, this content is one layer removed from the surface web behind a paywall (i.e., subscription or fee) or requires sign-in or user credentials.

People use the deep web regularly so we should not see the concept as scary or ominous. However, the deep web contains information that should be protected with an extra layer of security given that “bad actors” are constantly phishing for access to these data. The terms deep web and dark web are often used interchangeably. However, the two are vastly different.

The dark web certainly sounds ominous, and sometimes it is. The dark web is a much smaller subsection of the deep web and is defined as the part of the WWW that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.

Most industry experts estimate that the dark web comprises less than five percent of the WWW. Not all websites and activity on the dark web are nefarious. Legitimate reasons exist for conducting research in an anonymous and untraceable fashion. In fact, some large companies advertise and sell subscriptions, products and services to buyers and users who legitimately seek anonymity and want to avoid being traced or marketed to continuously. However, the latter uses are not the focus of this article and series. I just wanted to point out that legitimate reasons exist for accessing the dark web.

The special software required to access the dark web is called The Onion Router (TOR), a free and open-source software that enables encrypted communication. TOR directs internet traffic through a free, worldwide, volunteer network consisting of more than 4,000 relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis. The TOR network provides the level of encryption that allows users and their activities to remain anonymous and untraceable, provided that the TOR router is set up and configured properly.

It is important to note that what thrives on the dark web does so because of the anonymous, encrypted nature of how the dark web works. This capability provides users and operators with strong anonymity protection and is why so much illicit activity takes place on the dark web.

In next months’ issue, we will cover the threat actors and the marketplace on the dark web.

David Wren, CISM is President of Network Technology Partners, a regional Cyber Security Intelligence firm headquartered in St. Louis, MO. He can be reached at dwren@ntp-inc.com.