Let’s open our Dark Web discussion with a question: just how much of the entire Internet would you think is accessible via the usual search engines? Take a wild guess. We have conducted our own mini-inquiry based on this question, and the answers we received ranged from 20 to 40 percent.
Well, guess again: this 2009 article from the Guardian quoting a 2001 paper by Michael Bergman (an American expert) mentioned that just an Internet quota of 0.03% is actually searchable.
The rest is deep, dark, murky, invisible net – although it does not include the same data types. There is a certain amount of insignificant data coming from all consumer and research activities bundled up somewhere outside search engines’ reach. Here is a relevant infographic on the subject which endows the Deep Web (a term used here as a synonym for Dark Web) with 96 percent of all the www content.
Dark Web structure
Known to host all kinds of illegal and under the radar activities, as well as related transactions and communications, this rogue Internet is constituted out of smaller or larger networks that require certain authorization/access protocols or even specific associated software.
One of the more notorious networks is the Tor Dark Web.
The anonymity in Tor is based on a free software that enables net anonymity. This type of routing system is an acronym for “The Onion Router” and it basically redirects Internet traffic through a network of over six thousand relays in which encryption is implemented layer upon layer (therefore the denomination). This core structure originates in a mid-90s United States Naval Research Laboratory project, later developed by DARPA. The Tor Project received founding from governments and from EFF (Electronic Frontier Foundation). Although described as a socially beneficial project since it encourages “freedom of access and expression” on the net, Tor’s public image has been seriously affected by its hidden net applications. In an attempt to improve this particular image aspects, the project is using Thomson Communications PR services since 2014.
Tor is actually an encryption tool that can be (and is) used for illegal purposes. Beside Tor (or alongside it), there are other cloaking tools employed by the dark websites in order to maintain IP address anonymity; nevertheless it is estimated that the majority of them employ Tor.
As a more recent development related to Tor’s employment in illegal Dark Web activities and its creators position versus the said activities, you may have read about Carnegie Mellon University response to the allegations according to which the University researchers accepted $1 million from the FBI in order to unmask DW users (in the Silk Road operation). The allegations were strongly rejected by the University. Tor Project Director Roger Dingledine in turn spoke of academic research’s need for ethics abidance and addressed a few questions over the way Tor anonymity was surpassed. The press still considered the Carnegie statements somehow evasive, and the entire topic remains “hot”.
Meanwhile Deep Web is considered rather benign – and the PC Advisor above-mentioned article details how every intranet communication piece and various password-protected online operations (such as banking activities, or online mail account activities) generate pages that add to the Deep Web volumes. A more clear separation of the two defines the Deep Web in terms of databases and other content-related data that cannot be indexed by regular search engines.
Dark Web and cyber-security
The connection between cyber-security and the Dark Web is rather straightforward: cyber-crime entities take the stolen data to the dark online marketplace. Companies’ leaked data, personally identifiable information (PII), banking accounts, credit card details, personal video or photographic images – all these have a price in Dark Web transactions.
Apparently there is even an “oversupply” of stolen data on this black market that had determined the lowering of the prices – bulk data is on sale, while some pieces of information remain as expensive as hundreds of dollars per account/credential (especially banking and e-payment data).
Sony Pictures Entertainment hack data and Ashley Madison stolen identities ended up on the Dark Web, and so did various other stolen data bits.
This cyber-crime marketplace also has a designated currency: the Bitcoin. This cryptocurrency is strongly associated with the Dark Web transactions. For example, the infamous Silk Road (which was destructured by the FBI in 2013, using the help of a specially-developed search engine) was considered as the most organized online transactional network ever in the extra-detectable Internet zone – and it operated with Bitcoin transactions. The relationship between dark e-commerce and Bitcoin is actually one of dependency – as a Bitcoin-specialized website concludes in one of its articles. Illegal operations need untraceable currency operations to preserve the anonymity of the involved parties.
How is all that useful?
Although there are numerous online articles on how to access the Dark Web, the first thing to have in mind should be NOT to access it, not even out of curiosity. It is true that some of the activities taking place in that surprisingly huge part of the worldwide web are related with the freedom of expression, but that would be the minority. This virtual space is exactly how it sounds – full of activities and entities no law-abiding person would want to have to do with.
It is however good to keep informed. Some may even take a closer look in their researcher quality; some may have to get even closer when since their law enforcement functions require them to do so. Nevertheless, learning from others’ experiences and from afar is better in this case, and, as a Dark Reading article underlines, efforts should rather be made for your data never ending up as a merchandise on the Dark Web.
There are specialized preventive searches that try to establish how a certain enterprise or company is perceived by threat factors (checking its potential target quality, as it may appear on the Dark Web), but such inquiries are better conducted by specialists. The cyber intelligence professionals may well provide this particular service as part of their overall package – and any serious organization is well advised to leave such activities to the specialists.
