Digging Through 3 Layers to the Dark Web: A Primer
By Matthew Heath, Sr. Threat Intelligence Analyst, Worldpay from FIS
The dark web is a mysterious world most don’t know much about. The internet is vast and much of it public or accessible with a simple password, contrary to common understanding. The dark web is a small fraction of the digital highway—a rest stop that is typically associated with nefarious characters, but that’s not really the case. In fact, most cybercriminals’ activity takes place in relatively open areas of the web. It’s only one of the tools cybercriminals use to conduct business.
Security experts typically segment the internet into three zones: the internet, the deep web, and the dark web.
The dark web was originally developed by the U.S. Navy and DARPA (Defense Advanced Research Projects Agency). This network, commonly called TOR (short for The Onion Router) was developed to anonymize the sharing of information between any two points on the internet—anonymizing both the user and the target server. Upon logging into the network with specialized tools, traffic is bounced across multiple servers dispersed globally in order to hide the originating location. Once this handshake operation is complete, users have access to dark web content. The intended use was for the sharing of sensitive information. The dark web, when combined with other tools, provides criminals the ability to share information, discuss tactics, and sell their illicit wares across secured, nearly untraceable channels.
Increased illegal use of this network has driven companies to invest substantial effort into monitoring the dark web, with more than 56% of respondents on a recent NAFCU Services webinar stating their credit unions are actively monitoring the dark web. This highly secure network is inherently neutral; more than 90% of its content is very similar to that of the internet— including images, text, and videos. Additionally, many dark web sites have internet or deep web counterparts. So while the dark web itself is neutral, the intentions of the users may not be.
Interested in learning more? Check out our recent podcast: Shining a Light on the Dark Web. And stay tuned for Part 2 of this blog series.