April 03, 2019 CYBER CRIME, Dark Web

Deep Web, Dark Web

There’s been quite a bit of confusion about the deep web, and the dark web, and what they are. Heck, many haven’t even heard of the deep web, but have come across the term dark web in articles talking about data breaches.

Wikipedia has a very good explanation of what the deep web is: https://en.wikipedia.org/wiki/Deep_web

When search engines crawl the internet in search of websites, they use the URLs they find to index the various pages. The criteria for indexing (how high you show up in a search) change all the time, but what remains constant is the fact that the specific indexed page was found with a direct link/URL. When I go to my online banking, log in, and start clicking around, those pages don’t exist before I log in. They are created dynamically for me, based on my queries. The content shown is based on the results of database queries that I initiate by clicking various buttons on the page, and likely providing my own input. Such pages cannot be indexed for the simple fact that they aren’t actually in existence until I request that they be created. And thankfully so, otherwise my bank account information would be indexed and found online easily!

This is an example of what’s called the Deep Web – a part of the web that exists but cannot be indexed, and therefore cannot be found via a simple search. In other words, to access it, you need to already know where to find it.

Please do not think that the deep web is merely your bank account.

In general, the deep web is any page that either exists only dynamically or exists but does not have a direct link, and therefore crawlers cannot find it. That does not make it dangerous, which is the most important aspect of this conversation. The Deep Web is NOT an inherently dangerous place. Think of it like the rooms within your house. Your post office has your home address but it doesn’t have a different number for each of your rooms. However, when at home, you do walk from one room to the other without going out through the front door each time.

Not all of the Deep Web is legitimate either, though. There are ‘houses’ with no addresses at all, i.e., some websites may not even have been submitted to search engines, on purpose for the most part.

Enter the Dark Web!

This term refers to the content of the Darknet, a portion of the Internet that is “intentionally” not open to the public. Most typically, the darknet is associated with the encrypted TOR network (TOR stands for ‘the onion ring’). Yes, the dark web is a part of the deep web. It’s hidden and encrypted, but the scope isn’t only nefarious. The darknet allows for anonymous and encrypted communications, which isn’t always a bad thing. TOR was widely used a few years back during uprisings in various Arab countries and in Iran, for instance. Demonstrators wanted to show the world what was going on, but couldn’t do it openly (using the surface web we all access) for fear of being tracked down and arrested (or worse). So they took to the darknet, because it’s encrypted and allows anonymity.

However, because of these two features – encryption and anonymity – the darknet has become the place for hackers to ‘hang out’, exchange ideas, plot their moves, and exchange information. This is the place where Anonymous meets to plan the next attacks. This is also where the drug bazaar called Silk Road (https://en.wikipedia.org/wiki/Silk_Road_(marketplace)) operated for many years.

TOR wasn’t invented for hackers, nor by hackers. In fact, TOR began as a place that, through encryption and anonymity, guaranteed impunity to whistleblowers and anyone who was being oppressed. It was supposed to bring freedom of expression where there wasn’t any. Unfortunately, its very nature makes it an excellent place for anyone to hide and conduct nefarious operations. Mind you, TOR isn’t the only place for this sort of activity. In fact, TOR is nothing more than an application; the most well-known and successful, yes, but not the only one. In fact, in some ways, TOR is no longer so ‘safe’ because the FBI was able to infiltrate it and dismantle the Silk Road organization, despite anonymity and encryption.

What does all this have to do with you?

Well, as stated earlier, this is the place where hackers exchange information. When a breach occurs and data is stolen from a company, that data inevitably ends up on the darknet. There are lists and lists, billions of email addresses, passwords, SSNs, CC numbers, and whatnot. Every piece of information about you stolen from some website that didn’t properly protect that data can likely be found here. Knowing what information about _you_ is lurking on the darknet is very important. You can’t do anything to remove it, but you can certainly do something about it. What do I mean by that? If you find that a password floating on the darknet is one that you’re still using, change it! What are you waiting for? And set up 2FA everywhere you can, because, although it isn’t perfect, it is by far the best thing we have today to protect ourselves from all this leaking of information and passwords. It doesn’t matter how strong your password is if someone steals the entire password database. But it does matter if the password alone isn’t sufficient.
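One way to find out whether a password you still use appears in leaked lists, without handing the password to anyone, is a hash-prefix range query, the model used by public breach-lookup services such as Have I Been Pwned's Pwned Passwords. The sketch below is an added example, not part of the original post: the leaked list is constructed, and `LocalRangeService`, `exposure_count` and `accounts_to_rotate` are hypothetical names standing in for a real lookup service and client.

```python
import hashlib

# Constructed sample of passwords assumed to appear in leaked lists.
LEAKED = ["password123", "letmein", "Summer2019!", "letmein"]

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

class LocalRangeService:
    """Offline stand-in (assumption) for a remote breach-lookup service."""
    def __init__(self, leaked):
        self.buckets = {}        # 5-char hash prefix -> {35-char suffix: count}
        self.seen_queries = []   # everything the "server" ever learns
        for pw in leaked:
            digest = sha1_hex(pw)
            bucket = self.buckets.setdefault(digest[:5], {})
            bucket[digest[5:]] = bucket.get(digest[5:], 0) + 1

    def lookup(self, prefix):
        self.seen_queries.append(prefix)
        bucket = self.buckets.get(prefix, {})
        return "\n".join(f"{suffix}:{count}" for suffix, count in bucket.items())

def exposure_count(password, service):
    """Times the password occurs in the leak data; 0 means not found."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    # Only the 5-character prefix leaves the machine; the match is done locally.
    for line in service.lookup(prefix).splitlines():
        candidate, _, count = line.partition(":")
        if candidate == suffix:
            return int(count)
    return 0

def accounts_to_rotate(passwords_in_use, service):
    """Labels of accounts whose current password shows up in the leak data."""
    return sorted(label for label, pw in passwords_in_use.items()
                  if exposure_count(pw, service) > 0)

if __name__ == "__main__":
    service = LocalRangeService(LEAKED)
    in_use = {"bank": "letmein", "email": "tr0ub4dor&3-unique"}  # constructed
    print("Change the password for:", accounts_to_rotate(in_use, service))
    print("Lookup service only saw:", service.seen_queries)
```

Any account the check flags gets a new password that is not reused elsewhere, plus 2FA as described above.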

Should you be trying to browse the darknet, just out of curiosity?

It’s the same as asking ‘should you be walking in a dark alley at 2 AM?’ It all depends – do you really need to? Are you strong enough to defend yourself? Do you know what you’re doing? And how to not leave traces that can lead hackers back to your computer? It’s not hard to access the darknet, but you must be prepared to deal with individuals who are highly skilled and motivated to steal your information, and who have very low (or nonexistent) moral standards when it comes to profiting at the expense of others. So my advice is: do it, at your own peril.