The dark web brings to mind images of malicious agents sneaking around online in search of illegal drugs, personal information, and the newest ransomware software – and those images are all, unfortunately, correct. It’s a scary place where all manner of things can be found, seen, and purchased – and much of what lurks out there today is nefarious at a minimum and likely illegal in many countries (though it’s not all bad, as I’ll share a little later).
The term “deep web” refers to sites and services that are not indexed by search engines. For example, sites that end in “.onion” can only be accessed anonymously and their web URL must be known in advance. The dark web is a subset of the deep web: its sites cannot be accessed using a regular internet browser, and access requires encryption or specialty software.
Cyber criminals share such sites with each other and can limit or prevent unknown persons from reaching their site accidentally via a Google search.
Cybersecurity experts understand the dark web as an enormous source of hacking knowledge and software. Studying hacking forums on the deep web equips professional penetration testers, security analysts, and software developers with cybersecurity information they need to perform their responsibilities.
What Is the Dark Web, Anyway?
Understanding the dark web begins with its origins. Developed to help government intelligence communications, the dark web takes advantage of network routing capabilities designed initially to protect intelligence data online via the use of special equipment and programs. For dark web sites to be reachable, a Tor Browser or an Invisible Internet Protocol (I2P) setup must be configured to allow anonymous online activity.
“Tor, which stands for ‘onion router’ or ‘onion routing,’ is designed primarily to keep users anonymous,” the security software company Radware explains in “Understanding the Darknet and Its Impact on Cyber Security” in Security Boulevard. (They also call it “darknet” but we’re sticking with “dark web” since that’s the term that has become a more normal part of our language – thanks in part to TV.)
According to the article, over 1 million users are active on the Tor network on any given day, and its main function is, as mentioned above, to keep users anonymous – and untraceable. “Just like the layers of an onion, data is stored within multiple layers of encryption. Each layer reveals the next relay until the final layer sends the data to its destination. Information is sent bidirectionally, so data is being sent back and forth via the same tunnel.”
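The layering described in the quote can be made concrete with a small simulation. This is an added example, not code from the article or from Tor: the relay names, function names and keys are hypothetical, and a toy hash-based cipher stands in for Tor's real cryptography. It shows that each relay can remove only its own layer and learns only the next hop.

```python
import hashlib, hmac, json, os

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy keystream: SHA-256 in counter mode (stand-in, NOT what Tor uses).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC with separate subkeys derived from the relay key.
    ek, mk = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    ek, mk = hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered layer")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

def build_onion(path, payload: bytes) -> bytes:
    # path: [(relay_name, key), ...] from entry to exit. Wrap the exit layer first
    # so the entry relay's layer ends up outermost.
    blob, next_hop = payload, "destination"
    for name, key in reversed(path):
        blob = seal(key, json.dumps({"next": next_hop, "data": blob.hex()}).encode())
        next_hop = name
    return blob

def peel(key: bytes, blob: bytes):
    # One relay removes its own layer and learns only the next hop.
    layer = json.loads(unseal(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(path, onion: bytes):
    # Simulate the circuit, recording what each relay gets to see.
    seen, blob = [], onion
    for name, key in path:
        next_hop, blob = peel(key, blob)
        seen.append((name, next_hop))
    return seen, blob

if __name__ == "__main__":
    # Constructed sample: three hypothetical relays with random keys.
    path = [(n, os.urandom(32)) for n in ("entry", "middle", "exit")]
    seen, delivered = route(path, build_onion(path, b"hello"))
    print(seen, delivered)
```

Real Tor negotiates a separate key with each relay and moves data in fixed-size cells; the simulation keeps only the layering idea.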
The Dark Web and Cryptocurrency
Following the advent of decentralized cryptocurrencies in 2009, dark web users found that they could exchange money for goods and services in a quasi-anonymous way.
Silk Road was perhaps the most notorious dark web black marketplace. Users shopped for anything from drugs to guns, hitman services, credit card numbers, social security numbers, and hacked computer programs and passwords. The administrators of this marketplace held bitcoin (or other cryptocurrency) payments in escrow until the buyer received the item or service purchased.
Although law enforcement eventually shut down Silk Road, marketplaces just like it continue to thrive on the dark web. And unlike Silk Road, newer marketplaces are decentralized and better hidden. Because dark web activity bounces signals off nodes or relay sites located in multiple nations all over the globe, investigations are costly and time consuming.
Dark Web Services
The dark web also presents the option of paying for sensitive data and hacking services instead of malware and virus packages that require the buyer to have a higher level of expertise. “Cybercrime Black Markets: Dark Web Services and Their Prices” on WeLiveSecurity lists several of these services:
- Ransomware as a service — Preconfigured ransomware sold on a monthly or annual basis
- Selling access to servers — Remote desktop protocol (RDP) credentials sold per server through a customizable search service
- Renting infrastructure — Computing resources leased for botnets and denial-of-service attacks that require massive processing power
- Selling PayPal and credit card accounts — Account access credentials sold to cyber criminals for a fraction of the available balance on each account
Despite the nefarious activities made possible by the dark web, it is not all bad. As “The Truth about the Dark Web,” written for the International Monetary Fund, explains: “For individuals living under oppressive regimes that block large parts of the internet or punish political dissent, the dark web is a lifeline that provides access to information and protection from persecution. In freer societies, it can be a critical whistleblowing and communication tool that shields people from retribution or judgment in the workplace or community.”
How Cyber Security Professionals Navigate the Dark Web
For cybersecurity personnel, especially those who deal directly with protecting sensitive systems against cyberattacks, understanding the dark web can help them study the ways of the enemy, so to speak.
Dark web cyber threat intelligence mining is the process by which the more inaccessible corners of the internet are scoured for actionable intelligence to strengthen cyber security. Dark web-based emerging threats and vulnerabilities can be analyzed to protect against threats before they can strike.
Invaluable cyber threat information can be gleaned from the dark web in several ways. AI algorithms can scour the onion sites in search of usable data while skilled cyber security researchers inject themselves into the realm of hackers and learn from their opponents’ dark web activities.
Those who work in the cybersecurity industry today are entering a field where lifelong learning practices are valuable. Cyber criminals move fast and innovate new hacks daily. Through the dark web, however, cyber security professionals can research their ways and learn how to counter their moves before they can launch their attack.
When it comes to the dark web and your business, you want to know if any of your private information is on the dark web and available for purchase. It could well be. A reputable cybersecurity firm will set you up with regular dark web scans – one of the things that we do regularly for our managed services clients. What would happen to your business if your CFO’s – or your – password got stolen? These are risks you do not want to take.