Tech Talk The latest news, reviews, and discussions for the IT professional.

What is the Dark Web?

What is the Dark Web?

There is the internet, then there is the Dark Web, and then there is the Deep Web.

The general internet is where most of us surf using web browsers like internet explorer, Chrome or Firefox or Safari. This is where most surfing is tracked and indexed by such firms such as Google and Microsoft. Yet only around 17% of the entire internet is indexed and accessed by the general public.

The Dark web is the World Wide Web content that exists on darknets, overlay networks which use the internet but require specific software, configurations or authorization to access. The dark web forms a small part of the deep web, the part of the Web not indexed by search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.  Think of the internet you know as the tip of the ice berg, while the deep web is beneath, and the dark web is the very depth of the deep web.

A darknet is any overlay network that can be accessed only with specific software, configurations, or authorization, often using non-standard communications protocols and ports. Two typical darknet types are friend-to-friend networks and privacy networks such as Tor and Onion. The reciprocal term for an encrypted darknet is clearnet or surface web when referring to search engine indexable content.

The darknet is a collection of independently run servers with high levels of security and anonymity. This is useful to a lot of people because it protects their identity. A lot of times it can be used by journalists trying to find information without compromising their identity. However, I would caution anybody thinking of accessing it. There is a lot of subjects on the dark net that are flat out illegal. While it can be a great source of information it is best to be cautious while browsing to avoid finding yourself on a site you don’t want to be on.

In order to access the Dark Web, one must download the TOR browser, which takes users onto anonymous and encrypted networks and servers that provide a wealth of potentially illegal and definitely unsavory sites.

What Management needs to understand about the Dark Web

Why do people go on the darknet or dark web? One of the major problems with the internet is that it’s difficult to stay anonymous while retaining the ability to communicate with a large number of people. On the internet, every website you communicate with receives your ISP-issued IP, which gives them your approximate location, and can be used with at least some reliability to track your actions.

By contrast, darknets allow you to use an internal, non-globally routed IP address when accessing resources hosted on the darknet. Participants in the darknet, excluding your direct peers, will never be able to see your real IP address, but will still be able to communicate with you using virtually any peer-to-peer application (HTTP, email, BitTorrent, FTP, SSH, …).

Darknets, like the internet, are built on the idea of peerings. Anyone interested in joining the network’s routing infrastructure needs to peer with one or more existing participants on the network. This forms a redundant web of participants, allowing the network to expand.

The Dark Web, the deep web, and darknet, are spooky-sounding phrases that refer to websites that mask their IP address and can only be accessed using encryption-friendly tools like the Onion Router. TOR is an

open source project best known for developing a Firefox-fork web browser pre-loaded with a number of hard-coded security and encryption enhancements. Tor allows users to obfuscate browsing activity by scrambling a user’s IP address through a secure and distributed network.

In order to peer with somebody, all you really need is a direct connection to them (and their cooperation). You can connect an ethernet cable from their machines (or routers) to yours, or you can setup a virtual ethernet tunnel using VPN software3. The benefit of using virtual tunnels instead of physical infrastructure (ethernet links, wireless connections) is that your network can span the globe easily and cheaply. Using physical links limits you to participants in your physical area, limiting the potential size and adoption of your darknet. The main disadvantage of using virtual tunnels is that you remain dependent on ISPs and governments allowing you to have access to the internet4.

For new beginners (NOOB) on the dark web, serious caution must be the rule, as experienced users can do harm to NOOB computers and gain their identity and victimize them (theft of privacy data on their computers if not properly protected while on the dark web. The modern Dark Web’s notorious reputation is well-earned, and the hidden internet is undeniably dangerous. YouTube is loaded with Dark Web horror stories, and the HIDDEN WIKI serves as a portal to the criminal underground.

What are the capabilities of the Dark Web

There have been numerous attempts to start peer-to-peer networks called “darknets”. For example, just last year, some users of Reddit started the Meshnet Project in an attempt to create a network resistant to interference by governments and ISPs.

It could be as simple as a group of friends who do are discussing serious issues, or it could be something as dangerous as an assassin offering his services. It could be journalists who want to work without the possibility of getting jailed for speaking truth, or it could be people selling banned drugs and weed. There are whistle-blowers who let out information without the fear of getting caught – and there are websites that show child porn.

Most of the Darknet is misused by the criminal types. This is because it offers almost full anonymity. They are there to sell services such as pay-to-kill (assassin services), porn of all types, prostitutes, banned-drug sellers, weed-sellers etc. That is why Darknet is considered to be dangerous.

And often there are links that do not tell you where they are leading, unless you access them from reliable Darknet directories. The possibility exists that you click on a link to some discussion and land up on a page of assassins-for-hire. And if anything goes wrong, the police would be knocking on your doors.

Ransomware is big business on the dark web. The total value of ransomware sales on dark web market places has rocketed from $250,000 to over $6m in just a year as demand for the file-encrypting malware grows. This year has shown a 2,502% increase in the Ransomware Dark Web Economy.

Aside from the illegitimate uses, there are a number of legitimate reasons users may want to access the Dark Web. The web’s substratum is populated by mainstream web companies like Facebook, political activists, and journalists who need to communicate and share sensitive information. The United Nations, FBI, and CIA use the encrypted internet to monitor terror groups like Daesh and keep tabs on criminal profiteers. Corporate IT departments frequently crawl the Dark Web in search of stolen corporate credit card information and compromised accounts.

There are plenty of reasons that companies and individuals may want to access the Dark Web. SMBs and enterprise companies in particular may want to monitor the Dark Web portals for stolen corporate account information. Individuals may want to monitor sites for evidence of identity theft. Facebook has an encrypted site (facebookcorewwwi.onion) that is a feature-rich method of accessing the social network using end-to-end encryption.

For more information please contact pcmsecurity@pcm.com or visit www.pcm.com/security

 

About the Author: 

John Kronick
Director ATG Cybersecurity Solutions
PCM

 

 

 

 

JOIN THE CONVERSATION

Share your thoughts and questions in the comment section below. To get the latest news from PCM, follow @PCM on Twitter, join us on Facebook, or connect with us on LinkedIn. To get the latest news sent straight to your inbox, join our newsletter.