Dark Web Breakdown

Did you know that what we see on the internet is just the tip of the iceberg?  The internet that we use and see every day, also called the “Surface Web,” makes up about only 10 percent of the actual internet. Beneath that, is what is called the Deep Web. The Deep Web contains most of the internet, but it is difficult for the everyday person to access. This portion of the web refers to the information that search engines won’t return after a search. In order to access websites on the Deep Web, you have to know the exact link. Examples of the Deep Web include medical and financial records and accounts, fee-based content such as subscription services, and confidential corporate sites. Lastly, in a layer even deeper of the web, lies the Dark Web.

So what is the Dark Web?

The Dark Web is the portion of the web that is intentionally hidden, not indexed, and can only be accessed by a specialized browser. Different from the Clear Web or Deep Web, the Dark Web also uses encryption software that makes the location and identity of its users anonymous. Because of this encryption and an extra layer of anonymity, crime and illegal activity have become common on the Dark Web.

A Brief History

The origin of the Dark Web begins with the Dark Web’s core principle of “onion routing.” “Onion routing” is what enables Tor (the software used for the Dark Web) to preserve user anonymity and was founded in the mid-1990s by the U.S. Federal government. It was first developed by the U.S. Naval Research Laboratory and continued on through the Defense Advanced Research Project Agency (DARPA). In its original form, it was created to protect individuals in the intelligence community by allowing private and anonymous correspondence. In 2004, Tor was released under a free license and thus the Dark Web we know today began.

What is on the Dark Web?

If you have heard of the Dark Web you’re probably familiar with its dark reputation for crime and illegal activities. However, what the Dark Web was originally created for was a place for extreme privacy and protection while surfing online. This privacy allows users such as whistleblowers, journalists, protestors, and many everyday individuals to get around websites that may be blocked or inaccessible in their country, and allows users to post online without fear of backlash or punishment. Mainstream social media and news outlets such as Facebook, the BBC, Pro Publica, and The Guardian are starting to create and launch their own Tor webpages to get around governments around the world that regulate access and content.

However, it is this level of secrecy and anonymity that the Dark Web provides that criminals seek out.  Although the types of crime that lurk on the Dark Web are vast and vary (the buying and selling of drugs, weapons, services, etc.), a prominent and important sector of crime to be aware of on the Dark Web is cybercrime. On the Dark Web, anonymous marketplaces and forums exist solely for hacker exploits, information on compromised servers, stolen data, and the buying and selling of malware. Malware, also known as malicious software (link to malware blog), helps criminals pull off cyberattacks, steal sensitive information, and then make a profit. Some examples of these include ransomware, phishing malware, botnets, and keyloggers.  When it comes to information, cybercriminals can purchase an individual’s data such as social security numbers, logins, credit card numbers, debit card accounts, driver’s licenses, and more. In what on the Dark Web is called a “Fullz,” slang for “full information,” bundles come with data that include your full name, date of birth, SSN, account numbers, and other sensitive information for only around $30 a bundle. [1]

How does your data wind up on the Dark Web?

Unfortunately, criminals are growing sneakier in their methods of stealing data every day. If you have been involved in a data breach or cyber hack, there is a pretty good chance your information can be available on the Dark Web. The bulk of stolen sensitive information comes from large-scale data breaches, hacking connectivity, phishing, malware, browsing tackers, and social engineering attacks. Because this data doesn’t expire, it is often just sitting there waiting for cybercriminals to access it.

How to prevent your information from getting on the Dark Web.

Unfortunately, it is nearly impossible to completely prevent your data from getting stolen and put on the Dark Web. Since hackers are able to steal information without the individual even knowing, most of the time people are not aware that their information was even available on the Dark Web until a crime occurs. Ultimately, the best way to be protected against your information being put on the Dark Web is to limit your exposure and prevent it from getting stolen in the first place. Some simple steps you can take to strengthen your security include frequently changing and updating your passwords and storing them safely in a password manager, using two-factor authentication on your devices, checking the permission setting on apps you use to ensure your data isn’t being shared without your knowledge, and not emailing any sensitive information such as SSN and bank account information. We also recommend monitoring your credit consistently and setting up alerts for any changes to your accounts. With IDSeal, you can be notified via our monitoring systems the second any suspicious changes are made to your account. If your accounts or information do appear to be stolen, you don’t have to go through recovering it alone.

---

[1] Stack, B. (2017). Here’s How Much Your Information is Selling for on the Dark Web. Experian. https://www.experian.com/blogs/ask-experian/heres-how-much-your-personal-information-is-selling-for-on-the-dark-web/

---