What is the dark web?

Dark web definition

The dark web is a part of the internet that isn’t indexed by search engines. You’ve no doubt heard talk of the “dark web” as a hotbed of criminal activity — and it is. Researchers Daniel Moore and Thomas Rid of King’s College in London classified the contents of 2,723 live dark web sites over a five-week period in 2015 and found that 57% host illicit material.

A 2019 study, Into the Web of Profit, conducted by Dr. Michael McGuire at the University of Surrey, shows that things have become worse. The number of dark web listings that could harm an enterprise has risen by 20% since 2016. Of all listings (excluding those selling drugs), 60% could potentially harm enterprises.

You can buy credit card numbers, all manner of drugs, guns, counterfeit money, stolen subscription credentials, hacked Netflix accounts and software that helps you break into other people’s computers. Buy login credentials to a $50,000 Bank of America account for $500. Get $3,000 in counterfeit $20 bills for $600. Buy seven prepaid debit cards, each with a $2,500 balance, for $500 (express shipping included). A “lifetime” Netflix premium account goes for $6. You can hire hackers to attack computers for you. You can buy usernames and passwords.

But not everything is illegal; the dark web also has a legitimate side. For example, you can join a chess club or BlackBook, a social network described as “the Facebook of Tor.”

Dark web tools and services that present enterprise risk

The Into the Web of Profit report identified 12 categories of tools or services that could present a risk in the form of a network breach or data compromise:

  • Infection or attacks, including malware, distributed denial of service (DDoS) and botnets
  • Access, including remote access Trojans (RATs), keyloggers and exploits
  • Espionage, including services, customization and targeting
  • Support services such as tutorials
  • Credentials
  • Phishing
  • Refunds
  • Customer data
  • Operational data
  • Financial data
  • Intellectual property/trade secrets
  • Other emerging threats

Dark web browser

All this activity, this vision of a bustling marketplace, might make you think that navigating the dark web is easy. It isn’t. The place is as messy and chaotic as you would expect when everyone is anonymous, and a substantial minority are out to scam others.

Accessing the dark web requires the use of an anonymizing browser called Tor. The Tor browser routes your web page requests through a series of proxy servers operated by thousands of volunteers around the globe, rendering your IP address unidentifiable and untraceable. Tor works like magic, but the result is an experience that’s like the dark web itself: unpredictable, unreliable and maddeningly slow.

Dark web search engine

Dark web search engines exist, but even the best are challenged to keep up with the constantly shifting landscape. The experience is reminiscent of searching the web in the late 1990s. Even one of the best search engines, called Grams, returns results that are repetitive and often irrelevant to the query. Link lists like The Hidden Wiki are another option, but even these indices return a frustrating number of timed-out connections and 404 errors.

Dark web sites

Dark web sites look pretty much like any other site, but there are important differences. One is the naming structure. Instead of ending in .com or .co, dark web sites end in .onion. That’s “a special-use top level domain suffix designating an anonymous hidden service reachable via the Tor network,” according to Wikipedia. Browsers with the appropriate proxy can reach these sites, but others can’t.

Dark web sites also use a scrambled naming structure that creates URLs that are often impossible to remember. For example, a popular commerce site called Dream Market goes by the unintelligible address of “eajwlvm3z2lcca76.onion.”
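As an added illustration (not part of the original article), the sketch below checks whether a hostname is a well-formed .onion name, which is useful when triaging proxy logs or threat-intel feeds. It goes beyond the 16-character form shown above by also handling the 56-character v3 form and its SHA3-256 checksum as defined in Tor's rendezvous specification; the function names are hypothetical and the v3 sample is built from dummy key bytes.

```python
import base64
import hashlib

V3_VERSION = b"\x03"


def _v3_checksum(pubkey: bytes) -> bytes:
    # First two bytes of SHA3-256(".onion checksum" | PUBKEY | VERSION).
    return hashlib.sha3_256(b".onion checksum" + pubkey + V3_VERSION).digest()[:2]


def make_v3_address(pubkey: bytes) -> str:
    """Encode a 32-byte key as a v3 .onion hostname (used here to build test data)."""
    if len(pubkey) != 32:
        raise ValueError("v3 public key must be 32 bytes")
    raw = pubkey + _v3_checksum(pubkey) + V3_VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def classify_onion(hostname: str) -> str:
    """Return 'v2', 'v3' or 'invalid' for a hostname seen in a log or feed."""
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(".onion"):
        return "invalid"
    # Only the label directly left of ".onion" is the service name;
    # any further labels are subdomains.
    label = host[: -len(".onion")].split(".")[-1]
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:  # wrong length, or characters outside a-z / 2-7
        return "invalid"
    if len(label) == 16 and len(raw) == 10:
        # Legacy 16-character form: no checksum, so only the shape can be checked.
        return "v2"
    if len(label) == 56 and len(raw) == 35:
        pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
        if version == V3_VERSION and checksum == _v3_checksum(pubkey):
            return "v3"
    return "invalid"


if __name__ == "__main__":
    sample_v3 = make_v3_address(bytes(range(32)))  # constructed dummy key bytes
    for name in ("eajwlvm3z2lcca76.onion", sample_v3, "example.com"):
        print(name, "->", classify_onion(name))
```

A v3 name that fails the checksum is most often a typo or a truncated copy, so rejecting it early keeps malformed entries out of blocklists and reports.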

Many dark websites are set up by scammers, who constantly move around to avoid the wrath of their victims. Even commerce sites that may have existed for a year or more can suddenly disappear if the owners decide to cash in and flee with the escrow money they’re holding on behalf of customers.

Law enforcement officials are getting better at finding and prosecuting owners of sites that sell illicit goods and services. In the summer of 2017, a team of cyber cops from three countries successfully shut down AlphaBay, the dark web’s largest source of contraband, sending shudders throughout the network. But many merchants simply migrated elsewhere.

The anonymous nature of the Tor network also makes it especially vulnerable to distributed denial of service attacks (DDoS), said Patrick Tiquet, Director of Security & Architecture at Keeper Security, and the company’s resident expert on the topic. “Sites are constantly changing addresses to avoid DDoS, which makes for a very dynamic environment,” he said. As a result, “The quality of search varies widely, and a lot of material is outdated.”



What is The Tor Project?

Tor is software that provides individuals the ability to communicate anonymously. The name Tor is actually an acronym derived from its original namesake: “The Onion Router.” Users herald Tor browsers as the ultimate means to travel through the expansive internet anonymously.

Freedom and Privacy Within The Tor Project

Tor makes it difficult to track a person’s online presence and provides cover for visiting websites and dark web links, making online posts, sending instant messages, and nearly all other forms of electronic communication.

As such, Tor users proclaim that their freedoms are upheld in a way that traditional programs, with their tracking and a modicum of data surveillance, cannot match. It is worth noting, however, that Tor does not completely resolve anonymity issues on the net by erasing a user’s surfing footprint. Rather, it functions to reduce the ability of various sites to track a user’s actions and send crucial information back to the inquiring parties.

Who Uses The Tor Project

Tor is used by a large and varied population of people, each with their own interests. Below is a list of web users who may use the Tor Project online.

  • Bloggers
  • Government Agencies
  • Criminals
  • Whistleblowers
  • Journalists
  • Activists
  • Dark Web Users

Today, Tor’s user base is comprised of chatters, bloggers, social media posters, and other individuals with perfectly benign interests who wish to surf the net in a secure and wholly private fashion.

However, there is definitely a more illicit population of Tor users who use the cloaking capacities of Tor to hide their criminal and illegal endeavors and illegitimate enterprises.

Tor users aren’t simply defined by dual populations of illicit and licit users, as there are plenty of groups worth mentioning who comprise the user base. Law enforcement agencies can be regularly found on Tor, as well as “hacktivism” groups, various governmental agencies, whistleblowers, and informants.

Public Perception of The Tor Project

Recently, The Tor Project sent out a press statement claiming they had a broad population of “normal users” who simply desired the privacy and cybersecurity afforded by Tor and had no inclination towards criminal or illicit activity. Clearly, this was an effort on Tor’s part to defend their services in light of burgeoning interest and awareness of Tor along with the Deep and Dark Webs.

Despite the intermittent public relations efforts that Tor finds itself having to make, it has nevertheless enjoyed a robust user base that is consistently growing with each passing year. As of 2013, Tor had a user base of just over four million. Today, its user base is estimated at just under six million and is comprised of a wide variety of individuals with a range of interests and intents.

Tor Project Limitations

However, there are many drawbacks of Tor that must be fully understood before using the service.

  • Autonomous System (AS) Eavesdropping
  • Exit Node Eavesdropping
  • Lack of Boundary Traffic Monitoring

Autonomous System (AS) Eavesdropping

If the same autonomous system sits on both segments of a path, including the segment from the client to the entry relay, it can apply statistical correlation to the entry traffic and the traffic on the other segment.

The resulting harm is the ability to infer the destination with which the user communicated. Hugely problematic for Tor users, this matter came to a head in 2012, when the Lastor group created and proposed a method based on statistical prediction that would remedy the issue.