The Dark Web
The dark web is a subset of deep websites that cannot be accessed using a regular internet browser, requiring encryption or specialty software. Cyber criminals share such sites with each other and can limit or prevent unknown persons reaching their site accidentally via a Google search.
The Dark Web(also called The Dark Net) is a network within the Internet which is only accessible using certain software and protocols. The Dark Web has many names, for example Tor Network or Onion Router. Anyone can access to the Dark Web by simply downloading software for it. A popular and very much used browser is the Tor Project’s Tor Browser . This is just like any other browser such as Google Chrome or Microsoft Edge, except it can also access special website addresses which ends in .onion instead of .com and such. Any traffic sent through Tor Browser is automatically anonymized and encrypted via many different hosts. The browser also has built-in protection for many kinds of tracking and de-anonymization features.
Accessing The Dark Web
You can access many fun and interesting websites through this browser, also many which co-exist on the regular Internet. For example if you access the following URL’s in Tor Browser, your communications will be fully encrypted and anonymized inside the Dark Web:
- Facebook – http://www.facebookcorewwwi.onion/
- DuckDuckGo Search Engine – http://3g2upl4pq6kufc4m.onion/
- The American CIA (“Central Intelligence Agency”) – http://ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion
- The Hidden Wiki, a collection of links and places to explore – http://zqktlwiuavvvqqt4ybvgvi7tyo4hjl5xgfuvpdf6otjiycgwqbym2qad.onion/wiki/index.php/Main_Page
Because of the built-in anonymizing features and encryption, the Dark Net is also host of many criminal websites, marketplaces and networks.
What is the dark web used for?
The dark web can be used for both good and bad purposes. Generally, visiting the darknet is not illegal unless there is country-level censorship. However, China and some other countries have banned use of The Onion Router, preventing their citizens from accessing the network. Legal uses of the dark web can include things like anonymous information sharing for academic research and background verifications. Also, some major social media and news media sites are on the dark web so users can access and read them anonymously.
Illegal uses of the darknet include buying and selling stolen information like user login credentials, sensitive personal information like social security numbers, payment card information; selling and buying of drugs; and child pornography.
Why was the dark web created?
The Onion Router and the dark web began in the 1990s as US government research funded by the US Naval Research Laboratory, and later by the Defense Advanced Research Projects Agency (DARPA). The goal was an anonymous information exchange across the internet.
In 2004, The Onion Router code was released under a free license, and in 2006 the not-for-profit TOR Project was created. Dissidents, activists, journalists began to use TOR to communicate while protecting identities. However, criminals also began using it and the dark web for illegal activities.
What does the dark web mean for cyber security?
Monitoring the dark web for information that can be used to target your business helps get ahead of threats. Stolen login credentials are of particular concern, representing 37% of breaches Verizon analyzed in its 2020 Data Breach Investigations Report. Illegal dark web forums and marketplaces sell stolen credentials, other stolen information, and malware. Malicious actors use the stolen information to target businesses to gain network access for ransomware attacks and more.
- Phishing emails can use stolen business information to appear more authentic. Unwitting victims can be tricked into revealing login credentials, or into allowing malware directly onto networks.
- Credential stuffing attacks use stolen login credentials in bulk to take advantage of password reuse and infrequent password updates. The attacks try to find a match in your business network to gain unauthorized access.
How can you protect against dark web cyber threats?
Use a good dark web monitoring service to detect and anticipate cybersecurity threats to your business. These services infiltrate hubs of cybercriminal activity like illegal marketplaces and forums for cybercriminals. They monitor for stolen data and other information on organizations or employees. They also monitor dump sites like Pastebin, where anonymous people can post information including stolen confidential documents, emails, databases and other sensitive data.
Is Accessing the Dark Web Dangerous?
Accessing the dark web can be dangerous if you don’t know what you are doing. Thousands of highly skilled cybercriminals and digital natives who frequent the dark web are more than willing to take advantage of anyone who is not careful or who doesn’t know what they are doing on TOR sites.
If you want to protect your organization against cyberattacks that are planned and originate on the dark web, then IntSights External Threat Intelligence solutions can do that for you. Our skilled cybersecurity professionals use industry-leading tools to do dark web monitoring to spot emerging threats, take action, and therefore keep your business safe.
Note: Please take care when navigating the Dark Net. The links above will only work when using the appropriate software.