October is a cybersecurity month. When deciding what to write about, I recalled a surprising fact: Most people have not heard of the “dark web.” It is out there, though, and it’s essential to know where it resides and why it is considered “dark” in nature. Once you grasp an understanding of the dark web, there are things you can do to prevent becoming a victim of cybercrime.
3 Layers Down
To understand what the dark web is, the first thing to know is there are mostly three layers to the world wide web (www):
- Surface Web
- Deep Web
- Dark Web
1. Surface Web
This is the web the everyday person uses on their smart devices and personal computers. The sites accessed on the surface web have been indexed by DNS (domain name servers) web servers that provide specific pages to a web browser by resolving an alphanumeric web address (e.g., www.timothydimoff.com) to the website’s actual IP address. This is, in reality, a 14 digit numeric location on a web server structured the following way “1111.2222.3333.44”.
The easiest way to understand this concept is to understand what happens when you enter in directions in a car. When an address is registered, the actual data being utilized by the GPS technology is the global coordinates for the address (e.g., longitude, latitude). So, your Garmin, for example, allows you to enter in 123 Main Street, Akron, OH, but identifies the numerical longitude and latitude to build directions to the specific location based upon the coordinates where you are currently located.
The most important thing to note about the surface web is that only websites that have been indexed by a web server are accessible to the public. In other words, the website’s IP address is fully disclosed to world wide web servers, enabling the site to be searched by mainstream search engines (Google, Bing, Yahoo, etc.) by anyone with an internet-ready device.
2. Deep Web
The next layer down is called the deep web. It is often confused with the dark web, but that’s because it is not readily accessible to the public at large. It consists of a multitude of online data points stored on web servers, ultimately connected to various databases. Here not all websites are indexed, and when reached, the sites are often password-protected, blocking user access to backend databases. Your eyes might be glazing over right now, so think of it as eating in a restaurant.
You are served the food you ordered (= surface web), but you are not allowed in the kitchen or inside the delivery trucks that brought the ingredients that were used to create the food on the plate (= deep web). What is important to you is the food you are served. You know it was cooked in the kitchen because the food was delivered to the restaurant, but you are not privy to the whole process.
This also accounts for why no one knows how big the deep web is today, but it is estimated to be 400 to 550 times bigger than the surface web. In other words, what you see on the surface web is a small representation of information/data that is visible to the public at large. But it is essential to note the deep web isn’t intentionally “hidden” from you. This is where the dark web comes into play.
3. Dark Web
Deliberately hidden or inaccessible locations on the internet constitute a small portion of the world wide web called the dark web (aka “darknet”).
These locations are the result of:
- Failed online companies
- Technical errors/failures
- Internet service provider disputes
- Abandoned addresses once used by the US military in the earliest days of the internet
These forgotten properties can then be set up as a blog, forum, chat room, or private gaming server. They are often used for illicit exploitation (sometimes for only a few seconds before they are returned to disuse).
These sites are:
- Resistant to indexing (there is no “dark Google)
- Require particular browsers for search
- Require the user to know the exact location (IP address) of a website
The dark web is where someone can be anonymous. This is especially important for people who engage in illegal or illicit activities (e.g., hire hitmen, engage in human trafficking, and exchange child pornography). Therefore, tech-savvy criminals flock there to create marketplaces where illegal goods such as narcotics, firearms, and stolen credit card numbers are bought and sold. However, not all dark web activity is criminal and immoral, but it does make the visitor vulnerable to hackers on the other end of the line.
Don’t panic. Entering a search word in Google will not open the door to a dark web location. An end-user must intentionally seek a place on the dark web. So, don’t live in constant fear of the world wide web. If you do need to access the dark internet when seeking information outside mainstream channels (e.g., your job in law enforcement, investigative services), do so with extreme caution.
With that said, it is crucial to take the blinders off and take precautions. Unless you live entirely “off-the-grid,” chances are your data has already been compromised. So, the issue is no longer prevention, but protection. According to AARP, consider the following, so you don’t become a victim of cybercrime:
- Freeze your credit
- Monitor your accounts
- Set up a password manager
Overall, be careful online. Use common sense, and don’t go looking for trouble. The dark web is out there, but the choice to enter it is up to you.
Tim Dimoff Can Help Protect Against Cybersecurity Threats
The internet is a vulnerable place, but knowledge is the power to protect against cybercrime. Tim can help your organization learn how to effectively address basis cybersecurity to safeguard your internet practices to protect you from scams, viruses, identity loss, and more with his presentation Basic Cybersecurity Pitfalls and Preventions. Contact Tim to schedule today.