We all know and use the Surface Web – that part of the Web that’s indexed and accessible to popular search engines like Google, Bing and Yahoo! But the Surface Web represents just a fraction of the Internet. Underneath lies a wealth of information that most people aren’t aware even exists because it can’t be accessed by conventional browsers.
This so called ‘Deep Web’ is vast and is currently estimated to represent approximately 96% of all content on the Web.
Other content that cannot be indexed by traditional search engines and therefore part of the Deep Web includes dynamic pages returned in response to a submitted database query, content that’s dynamically downloaded from Web servers via Flash or Ajax, web archive and peer-to-peer networks.
As well as the Deep Web is another section called the Dark Web. The Dark Web is only accessible using specialist software, the most common of which is called Tor (originally the acronym for ‘The Onion Router’) The anonymity delivered by Tor makes it an attractive tool for Internet users engaged in illegal online activities looking to carry out illegal activities online. Often described as the Wild West of the Web, the ‘Dark Web’ is the shady world where illegal drugs and weapons dealers, and hackers ply their trade.
Who accesses the Dark Web – how do they do it, and why?
The Tor browser is the most well known way of accessing the Dark Web. Tor (originally an acronym for ‘The Onion Router’) is an anonymity network designed to keep a user’s identity and location completely secure when browsing the web.
This free-to-download browser masks a user’s IP address through a number of encrypted proxy servers around the world.
Using the Tor browser unlocks the door to the Dark Web, and a variety of people use it for a number of reasons. People use it to protect their communications – for example, political activists used it during the Arab Spring to disseminate messages. Others use it to research sensitive topics or to access information that might have been hidden to them, while some are libertarians or information freedom activists who believe in the right of free Internet expression and online privacy. For example, the Dark Web is home to the WikiLeaks site that provides users with means to upload documents anonymously.
The Dark Web is also home to the more disreputable Internet users who are engaged in criminal or illegal activities, thanks to their ability to keep their online identity secret.
In 2013, The Silk Road, the infamous narcotics trading website, was seized and its administrator Ross Ulbricht arrested. The seizure brought the existence of the Dark Web into the mainstream, raising serious questions about Cyber Security for those in Government, Law Enforcement and the Private Sector.
That’s because the Dark Web is not just a trading place for narcotics: it’s also used for many other illegal activities that include hacking services and selling hidden vulnerabilities in computer systems.
The FBI used its deep knowledge of the Dark Web and Open Source Intelligence techniques to bring about the demise of The Silk Road. Today’s corporate businesses need to gain a deep understanding of the Dark Web, criminal innovation and cybercrime if they’re to combat any potential threats in a successful manner.
From monitoring theft or counterfeiting, to identifying threats to commercial IP and other assets, using anonymity tools like Tor enables organisations to undertake investigations into cybercrime, fraud or compliance. And leveraging techniques like Open Source Intelligence to monitor potential events – like the risk of data breach – should be a critical aspect of the corporate risk response plan.
By Max Vetter, Cyber Security Trainer and Analyst at QA