Deep Web. Dark Web. Ransomware. Tor. Illegal activities. Bitcoin.
A cursory search of the first two terms would reveal a range of web pages, all talking about the next four terms. The mystery and suspense the deep and dark web have created is unprecedented – with pages and pages of horror stories, all talking about a shadowy part of the Internet (or perhaps, not even the Internet), hidden in plain sight.
So let’s uncover the mystery about this frightening “deep” and “dark” web.
For starters, the Internet is that part of the “normal” web which everyone uses. It has all the social media websites, the shopping websites, email websites. Basically, the Internet includes all content which has been indexed by search engines.
The “deep” web is that part of the Internet which has not been indexed by search engines. Hence, unlike many of the horror stories you’ve heard about it, the deep web is not by itself that horrifying. The deep web just has content like databases, lists, information, etc., which has not been indexed by search engines.
But wait. This is where we come to the “Dark Web”. And, by its very name, you can tell that this is trouble.
The dark web is a portion of the deep web which is intentionally hidden and is inaccessible through standard web browsers. Obviously, it is not indexed by search engines and it requires special software to access it. Specialized browsers like Tor are used to access it.
It is this “Dark Web” from where all the stories have originated. While there are some legitimate uses of the dark web (i.e. for storing sensitive criminal information), a large portion is used for criminal activities. Drugs are bought and sold here, illegal goods are transferred and even terrorism is conducted here. All transactions happen on the basis of Bitcoins, the anonymous cryptocurrency.
Cybersecurity experts have long worried about the activities going on in the dark web – but it is almost impossible to take any concrete action because of the sheer nature of the beast. The dark web thrives on anonymity and that is why it is a favorite for all manners of anti-social forces. From hackers to criminals to terrorists, they are all there.
Dark web and cybersecurity
But the dark web deeply affects cybersecurity. When data is breached, it almost always finds its way in the dark web, where it is up for sale. Security researchers recently found a 41GB file with 1.4 billion hacked and leaked passwords from various websites on the dark web. When the Indian global food startup Zomato was hacked, the data of 17 million Zomato users was up for sale on the platform. In October 2017, Seqrite discovered an advertisement on the dark web which claimed to have access to data from over 6,000 Indian business including government organizations, Internet Service Providers, banks and enterprises. The hacker had priced the information at 15 Bitcoins and was offering a network takedown of affected organizations for an unspecified amount.
Despite all its dangers, the dark web often provides valuable threat intelligence which could be instrumental in understanding the current cyber threats. Monitoring the dark web can often help boost security and identify breaches & vulnerabilities. Disclosed vulnerabilities can often appear on the dark web first before most organizations are aware of it and scrambling to fix it. This allows hackers valuable time to exploit these vulnerabilities – but if organizations monitor and react to the threat in time, they can be on the same page as the hackers and fix them as soon as possible.
Seqrite, the enterprise security solutions brand of Quick Heal Technologies, is a leading provider of security software solutions in India, has a DarkNet monitoring division called Seqrite Cyber Intelligence Labs which aims to create threat intelligence and monitor the Dark Web for vulnerabilities.