There’s a fairly good chance that you’ve never even been on the dark web. It takes some complicated work to access it and, when you do, it can be remarkably hard to navigate. Additionally, many of us have no real need to access the dark web, as all of our usual online needs can be taken care of by services on the general web. And maybe you’re a bit scared of the dark web, and that has prevented you from really trying to explore it. There are stories all over the news about the criminal activities that are conducted on the dark web and the harsh punishments that are meted out by the law to those found guilty of nefariously using the dark web. These fears are perhaps quite warranted – there’s a lot of bad stuff on the dark web.

But if you work in cybersecurity – in any capacity – or have a general interest in keeping your data safe, it’s important to get truly informed about the dark web and, indeed, experience it for yourself (at least a little bit). Any amount of context is vital when you’re working in a field that regularly interacts with and protects others from the malicious hacking that happens on the dark web.

Let’s start with some technical basics. At the most fundamental level, the dark web is part of the internet that isn’t visible to search engines and requires the use of an anonymizing browser called Tor to be accessed. Tor, short for “The Onion Router”, is open-source software that allows for anonymous communication. It directs Internet traffic via a free, worldwide, volunteer network that consists of more than seven thousand relays. Using Tor makes it more difficult to trace a user’s Internet activity. 

No one really knows the size of the dark web, but most estimates put it at around 5% of the total internet. It’s notoriously difficult to navigate, a seeming labyrinth of clunky search engines, complicated URLs, scammers, criminal websites, dead forums, slow loading times, and counterintuitive navigation. It’s constantly changing and shifting, especially when law enforcement shuts down big hubs of criminal activity, as occurred when the large market AlphaBay was closed.

Transactions are heavily encrypted and conducted almost exclusively via cryptocurrency. Purchases of illegal items are a complete gamble, as they might not arrive or might be intercepted by law enforcement. Or they might not even be sent in the first place, and the seller just takes the money and runs. The point is, the dark web is a poignant view into the underworld of all the illicit activities that humans get up to. (It’s important to note that not all of the dark web is seedy and criminal – you can find rare books, cybersecurity forums, and ethical hacking services on it, too, among other things.)

The website CSO goes into some detail about the level of criminal activity on the dark web:

A 2019 study, Into the Web of Profit, conducted by Dr. Michael McGuires at the University of Surrey, shows that things have become worse. The number of dark web listings that could harm an enterprise has risen by 20% since 2016. Of all listings (excluding those selling drugs), 60% could potentially harm enterprises.

Cybersecurity professionals also regularly access the dark web in order to keep abreast of the methods and targets of hackers, and to scan for leaked and breached information that might be relevant to their organizations and/or clients. Maintaining knowledge of the dark web is a big part of the job.

For example, HackNotice’s threat awareness platform regularly and automatically scours the dark web for leaked PII related to its users. To date, HackNotice has compiled more than 40 billion individual records found on the dark web. Continuing to provide full protection to users involves the constant updating of HackNotice’s engine in order to stay current with the way hackers share information on the dark web. Hacking forums need to be scraped, and new dark web websites containing leaked data need to be quickly identified and accessed. Intensive understanding of the dark web is, in many ways, the backbone of HackNotice’s threat awareness platform.

If all of this sounds interesting, there are tons of resources out there (on the regular internet!) that can teach you more. If you’re learning about hacking or are curious about the sociological or economic aspects of criminality, exploring the dark web can be very rewarding. It can also be dangerous or frightening, so exercise caution. And to protect your own data, make sure to use a threat awareness program like HackNotice to keep you fully informed and exercising solid security habits.s

References:

1. Guccione, Darren. “What Is the Dark Web? How to Access It and What You’ll Find.” CSO Online, n.d. https://www.csoonline.com/article/3249765/what-is-the-dark-web-how-to-access-it-and-what-youll-find.html.