Sir Tim Berners-Lee invented the World Wide Web in 1989, and then it became available to the general public by 1991. The web is an internet service that was designed to help scientists and academics exchange information more effectively. But by the late 1990s, the web helped to make the internet popular and accessible to ordinary people all over the world. Over thirty years after Berners-Lee’s first proposal for the web-- that technology has revolutionized everyone’s lives.
Google emerged as the most popular way to search the web by the 21st century, with Bing and DuckDuckGo as frequently used alternatives. But there’s loads of web content that’s delivered through the HTTP and HTTPS protocols that cannot be found through conventional means.
When cyber criminals want to exchange information on the web, the smart ones avoid the parts of the web that are easy to track. Innovations in networking technology led to the creation of a part of the web that can only be reached by fully encrypted anonymizing proxy networks. Are those cyber criminals doing anything your business should be worried about? Deep Web and Dark Web are popular buzzwords these days, so what does it all mean?
The Deep Web and the Dark Web sound elusive and esoteric, but I can make it all easy to understand.
Deep Web versus Dark Web: What's the difference?
People very frequently confuse the Deep Web with the Dark Web and vice versa.
The Deep Web consists of all of the parts of the web which aren’t indexed by popular search engines like Google or DuckDuckGo. It’s not all a criminal red light district zone, in fact the majority of it is pretty innocuous. I made Angelfire and GeoCities websites as a 90s’ teen, years before Facebook, Google, or YouTube ever existed. I’d be a bit embarrassed for you to find the Spice Girls fan site I made back then, but it’s all perfectly legal and Safe For Work.
Most of the Deep Web is just stuff that’s too old or obscure to be found by one of Google’s web crawler bots that they use to help maintain their search engine. You can use your regular web browser to access much of the Deep Web, but you may need to use web archives in order to find what you want. The Wayback Machine is great for this purpose.
The Dark Web is also a part of the Deep Web. The Dark Web is the part of the Deep Web that can only be accessed through encrypted anonymizing proxy networks such as Tor or I2P. You will need to install special software on your PC or phone in order to use them. Those proxy networks are great for purposes like helping journalists in hostile territories report on war and politics. But because those proxies use cryptography and lots of relays in order to make servers and endpoints difficult to track, they also help to facilitate cyber crime.
Think of it this way. All Dark Web is Deep Web, but not all Deep Web is Dark Web, as all apples are fruit, but not all fruit are apples. All of the internet that’s outside of proxy networks like I2P or Tor is often referred to as the “clearnet,” in contrast with the “darknet.”
Types of cyber crime in 2019
Cyber criminals will often choose to use the Dark Web in order to engage in their malicious activities. The Dark Web is full of illegal marketplaces and forums where criminal activity is advertised and communicated about. If you install I2P software or the Tor Browser, you can find those Dark Web sites yourself. There are search engines which are specific to finding stuff on the Dark Web, such as Ahmia.fi and the Onion URL Repository. Websites which are only found on the Tor network usually use the .onion top level domain, and websites that are only found on the I2P network usually use the .i2p top level domain.
Contrary to popular belief, in most of the world outside of China, using those proxy networks in and of itself is legal. Simply visiting Dark Web markets like Empire Market, Dream Market, and Nightmare Market is generally legal. In most of the world, you haven’t broken the law unless you’ve looked at explicit child exploitation material, or you’ve tried to buy or sell illegal goods and services. In my work, I often visit those markets myself in order to inform myself about what cyber criminals are up to.
In the most popular Dark Web markets, illegal items are often sold such as illicit drugs, malware, firearms, stolen credit cards, and banking information. Cyber attack services are frequently sold in those same markets, like access to botnets that can conduct distributed denial of service (DDoS) attacks in order to temporarily disable websites… Websites like the ones your business may have on the clearnet.
The only type of illegal thing that those Dark Web markets usually forbid is explicit child exploitation material. Pedophiles have their own Dark Web sites and forums which are completely separate and unrelated from the sorts of places where cocaine and computer viruses are sold. Even drug dealers and cyber attackers have standards, apparently.
Best practices for dealing with the darknet
There are two types of Dark Web activity that your business or organization should be worried about.
Cyber criminals buy and sell malware, exploit kits, and cyber attack services, which they may use in order to harm your organization’s networks and data. You can protect your company from that harm by deploying the usual sorts of security measures and tools. Use antivirus software, log your network devices, deploy SIEM, configure firewalls, routers, and switches securely, be aware of all of your network activity, use strong identity and user access management, encrypt your data in storage and transit, and so on. Malware and network intrusion, whether or not the Dark Web was its origin, can be defended against in the same ways.
The other type of Dark Web activity your company should be worried about is if your sensitive data is being sold there. Corporate data breaches are becoming alarmingly more frequent, and cyber criminals will often try to sell that data on the Dark Web. That data could consist of login credentials or financial information which can be used to do tremendous harm to your business when in the wrong hands. The “wrong hands” could try to buy your sensitive data with Bitcoin.
5 Steps to Maximize Your Financial Data Protection is a great place to start if you’d like to learn how to prevent cyber criminals from being able to sell your financial data on the Dark Web. If your company has detected a data breach incident, Ways to Respond to a Breach may affect whether or not cyber criminals can acquire your data to sell on the Dark Web. If your company has the will and resources to better protect your data, those efforts will mitigate data breaches. The fewer breaches you have, the less likely your network’s usernames and passwords will be available to anyone with a Tor Browser and cryptocurrency.
What this all means
The proxy networks that facilitate the Dark Web aren’t all bad. As Bruce Schneier said, “internet anonymity is vital for people living in countries where you can be arrested, tortured, and killed for the things you do online. This is why the US government was instrumental in developing the (Tor network) technology, and why the US State Department continued to fund Tor over the years." The Tor Project’s own Jake Applebaum said, “there is often asserted certain narratives about anonymity and, of course, one of the narratives is that anonymity creates crime. So you hear about things like the Silk Road (a dark web marketplace that sold drugs and guns) and you hear, 'Oh, it's terrible, someone can do something illegal on the internet'. Well, welcome to the internet. It is a reflection of human society, where there is sometimes illegal behaviour.”
Securing your business from the sort of cyber crime that’s bought, sold, and advertised on the Dark Web entails your usual cybersecurity policies, tools, and measures. But because it’s so tough for law enforcement to crack down on Dark Web cyber crime, your company must be more vigilant than ever about cybersecurity.