What is the Dark Web?
What is the dark web?
The dark web is the hidden part of the internet. It makes up approximately 6% of internet content, and is part of a much larger area known as the deep web, which conversely makes up a huge 90% of the internet. It can only be accessed via specific browsers, and is a series of websites that require specific authorization to enter. Dark websites allow users unparalleled anonymity due to encryption software such as the Tor (short for The Onion Router) browser. Unlike the surface web, the dark web does not use information available on search engines like Google or Bing; instead, it utilizes content from individual sources: forums, email, social media, and company databases.
Everything within the dark web is decentralized — and to access its content, users need to type in complex links composed of numbers and letters. For example, the commerce website known as “Dream Market” has the following address: “eajwlvm3z2lcca76.onion”.
These features are why the dark web is an enticing place to do business for criminals.
Dark Web vs. Deep Web vs Surface Web
When discussing the Deep Web, it’s impossible for the “Surface Web” not to pop up. It’s exactly the opposite of the Deep Web—that portion of the Internet that conventional search engines can index and standard web browsers can access without the need for special software and configurations. This “searchable Internet” is also sometimes called the “clearnet.”
When you hear the terms deep web and dark web, many people may think of dangerous places related to cybercrime. However, the original meaning is not directly related to illegal activities such as cybercrime.
The Deep Web refers to any Internet content that, for various reasons, can’t be or isn’t indexed by search engines like Google. This definition thus includes dynamic web pages, blocked sites (like those that ask you to answer a CAPTCHA to access), unlinked sites, private sites (like those that require login credentials), nonHTML/-contextual/-scripted content, and limited-access networks
There are various technical reasons why a website is not registered with a web search engine. Common web search engines such as Google and Yahoo! use their own crawlers to collect and register information about websites on the Internet. Naturally, web content that cannot be accessed cannot be registered. An easy-to-understand example of a site that crawlers cannot access is a membership-based website that requires authentication information to access. Crawlers can access up to the authentication input screen, but web content that requires authentication information to access beyond that is considered to be the deep web and cannot be registered.
The Dark Web is not the Deep Web; it’s only part of the Deep Web. The Dark Web relies on darknets or networks where connections are made between trusted peers. Examples of Dark Web systems include TOR, Freenet, or the Invisible Internet Project (I2P).
Taking on the mining tunnel metaphor, the Dark Web would be the deeper portions of the Deep Web that require highly specialized tools or equipment to access. It lies deeper underground and site owners have more reason to keep their content hidden.
The history of the Dark Web
The dark web has its origins way back in 1999, with the research project of University of Edinburgh student, Ian Clark. Clark’s intent was to create an anonymous peer-to-peer file-sharing program, named Freenet. On this free speech platform, users would be able to discuss and share information without the controls of government censorship. Freenet was released to the public in 2000, however, it wasn’t long before it was eclipsed by Tor, released in 2003/4. To this day, Tor is still the favored route of access to the dark web.
The Silk Road
The Silk Road was the most notorious example of an online marketplace found in the Tor network. Before it was taken down by the FBI in 2013, the website was used as a platform for selling illegal drugs, where users were able to browse anonymously. That wasn't the end of it though, as a new site soon took its place on November 6th, 2013. Called "Silk Road 2.0", the relaunched site promised improved security to avoid another shutdown. On November 6, 2014, exactly one year after the launch of Silk Road 2.0, the new site was shut down and its operator was arrested through the efforts of Operation Onymous—an international law enforcement operation that targets illegal online marketplaces operating in the Tor network.
How to access the dark web
To keep your online activities private, the Dark Web uses advanced encryption, different from what you use every day. Users need special browsers, like Tor, to create secret tunnels for accessing it. This way, no one can snoop on what you're doing.
Accessing the dark web can be a challenging task for the uninitiated. Most dark websites use the Tor network, which is free and open-source software that enables anonymous communication.
Nevertheless, users can also use the Tor network to mask illegal activities, which makes it a prime target for law enforcement and hackers. To access the dark web, you need to download a dark web browser, such as Tor Browser or Tails. Then, you configure it to connect to the Tor network. Once connected, you can access dark web websites by entering their URLs directly or by using dark web search engines or directories.
However, you should be aware that accessing the dark web can expose you to various risks, including malware, phishing attacks, and illegal content.
Is the dark web illegal?
The dark web is not illegal, and accessing it is completely lawful. Although, this depends on the country you’re in, as totalitarian regimes are obviously against platforms that provide anonymity to users. It is used by whistleblowers, the US military, journalists, and even those simply seeking rare items — out-of-print books, for example. It is also a great venue for free online libraries and countless discussion forums.
Nonetheless, the dark web does have a well-earned reputation for illegal content and activity taking place within it. For example, it is the go-to place for cybercriminals to buy and sell stolen credentials, such as credit card numbers, email addresses, passwords, and Social Security numbers.
What are the uses of the Deep Web?
A smart person buying recreational drugs online wouldn’t want to type related keywords into a regular browser. He/She will need to anonymously go online using an infrastructure that will never lead interested parties to his/her IP address or physical location. Drug sellers wouldn’t want to set up shop in an online location whose registrant law enforcement can easily determine or where the site’s IP address exists in the real world, too.
There are many other reasons, apart from buying drugs, why people would want to remain anonymous or set up sites that can’t be traced back to a physical location or entity. People who want to shield their communications from government surveillance may require the cover of darknets. Whistleblowers may want to share vast amounts of insider information to journalists without leaving a paper trail. Dissidents in restrictive regimes may need anonymity in order to safely let the world know what’s happening in their country.
On the flip side, people who want to plot the assassination of a high-profile target will want a guaranteed but untraceable means. Other illegal services like selling documents such as passports and credit cards also require an infrastructure that guarantees anonymity. The same can be said for people who leak other people’s personal information like addresses and contact details.
Trend Vision One - Dark web monitoring
Cyber criminals phish users and exploit vulnerabilities in websites, databases, networks, and web apps to gain access to confidential data, such as user credentials. This information is then often traded or sold on underground online platforms, commonly known as the dark web.
Trend Micro specialists constantly monitor the internet, particularly the dark web, for leaked data. Once such data is identified, it is validated and ingested into Cyber Risk Exposure Management. When you register a domain in Trend Vision One, a scan is performed to verify whether the domain user data has been compromised by a leak—with historical data back to 2010. Afterward, Cyber Risk Exposure Management performs additional scans on a weekly basis.