Hacking is a fact of life for business and consumers alike. Often, leaked data surfaces and is sold to miscreants—hackers, shady government organizations, and other bad actors—on the Dark Web.
The Dark Web—or darknet, backweb, onionweb—is frequently misunderstood. The network is used by legitimate actors like law enforcement organizations, cryptologists, and journalists as often as by malefactors and criminals.
SEE: Three ways encryption can safeguard your cloud files (Tech Pro Research report)
TechRepublic's smart person's guide is a routinely updated "living" precis about how the Dark Web works, the content that populates the encrypted internet, and the encryption tools needed to safely navigate the network.
- What is the Dark Web? Much like the internet—or clearnet—that billions of people access every day from mobile and desktop devices, the Dark Web is a network of websites, forums, and communication tools like email. What differentiates the Dark Web from the clearnet is that users are required to run a suite of security tools that help anonymize web traffic. The Dark Web is used for both nefarious and reputable purposes. Criminals exploit the network's anonymity to sell guns, drugs, and humans, while organizations like the UN and Facebook use encryption to protect dissidents in oppressive countries.
- Why does the Dark Web matter? The Dark Web matters for two significant reasons: ideology and practicality. Where encryption exists, there also exists a large market of users who wish to remain anonymous.
- Who does the Dark Web affect? Every internet user. If your data was leaked as part of a government or corporate hack, it's for sale on the Dark Web.
- How is the Dark Web accessed? The Dark Web is most commonly accessed using the Tor security suite and the Tails flash-bootable operating system.
SEE: Ebook: IT leader's guide to the Dark Web (Tech Pro Research)
What is the Dark Web?
The Dark Web is a network of websites and servers that use encryption to obscure traffic. Dark Web sites require the .onion top level domain, use non-memorable URL strings, and can be accessed only by using the open source, security-focused Tor browser. Because it's portable and disposable, Tails, a Linux-based operating system that boots from a flash drive, adds a layer of security to Deep Web activity.
Because the tools required to access Dark Web sites help protect user—and server—anonymity, in the past decade the Dark Web has become a magnet for criminal activity. The Silk Road, an eBay-like market for drugs and weapons, famously helped establish the market for peer-to-peer anonymous criminal commerce. The site grabbed mainstream headlines in 2013 when it was taken down by the FBI. In its place rose a number of copycat markets. The negative press, coupled with YouTube horror stories, glued the Dark Web's reputation to illicit behavior. Today, the Dark Web markets sell drugs, weapons, malicious software, and piles of consumer and sensitive corporate data.
SEE: Cybersecurity spotlight: The ransomware battle (Tech Pro Research ebook)
But the Dark Web is not all bad news. ProPublica, a well-respected investigative news organization, has a Dark Web site to help the company securely communicate with sources. The United Nations law enforcement department, the Office on Drugs and Crime, monitors the Dark Web and shares data with the public and global police organizations. Even Facebook, the world's largest social network, has a Dark Web site relied on by over one million users per month.
- What is the clearnet? Clearnet sites are sites that track user data, drop cookies, and share IP data. Examples of the clearnet are corporate intranet pages, secure bank pages, private social media accounts, and any site that does not use SSL.
- What is the deep web? The Dark Web and the deep web are often confused with one another. The deep web is a term applied to millions of pages that are not accessible to the public and not indexable by search engines like Google and Bing. Examples of deep web sites are corporate intranet pages and wikis, secure bank pages, and private social media accounts.
- Are encrypted email technologies like PGP part of the Dark Web? Not really, but PGP in particular is frequently used to obfuscate communication. PGP email tools and encrypted webmail services allow Dark Web site operators and users to communicate anonymously.
- How are Bitcoin and the Dark Web related? Bitcoin is not inherently anonymous, but scrambling the origin of a Bitcoin is a relatively nominal task. For this reason the virtual currency is the most popular currency used on the Dark Web and can enable criminal activity.
- What is .onion? To denote that the domain points to an encrypted site, Dark Web URLs end with the .onion suffix and are inaccessible to traditional browsers that lack proper security plugins.
- How big is the Dark Web? Not very big. The total population of Dark Web sites numbers only in the hundreds of thousands. Dark Web sites frequently disappear or are discovered and yanked from servers for violating local law. Security experts estimate that at any given moment there are between 10,000 and 100,000 active sites.
- How the Dark Web works (ZDNet)
- 10 things you didn't know about the Dark Web (ZDNet)
- Four misleading myths about the Dark Web (TechRepublic)
- The light side of the Dark Web (TechRepublic)
- IBM Security takes us on a tour of the Dark Web (TechRepublic)
Why does the Dark Web matter?
Though the name sounds ominous, the Dark Web did not hatch from some evil hacker lab. The Dark Web is simply a network of websites that require basic encryption technologies to be enabled before users can load content. These are the same technologies that protect passwords when users log on to bank portals and sites like Gmail and Facebook.
For this reason, the Dark Web is used by proponents of privacy and encryption. Organizations as diverse as the Electronic Frontier Foundation, Facebook, the U.S. State Department, and the United Nations all argue vociferously that encryption is a fundamental human right.
The Dark Web is practical. The anonymity and security provided by the encrypted internet means the Dark Web is a haven for criminals, law enforcement agencies, freedom fighters, journalists, neo-capitalists, and curiosity seekers. The Dark Web is unlikely to vanish any time soon.
- Stolen data on the dark web is cheaper than you might think (ZDNet)
- A hacker is advertising millions of stolen health records on the dark web (ZDNet)
- What happens when you leak stolen bank data to the Dark Web? (ZDNet)
- Video: Here's why Facebook is buying passwords from the dark web (ZDNet)
- How hackers steal EHR data and sell it on the Dark Web (TechRepublic)
Who does the Dark Web affect?
Using the clearnet generates data. Consumers generate data every time they create a social media account, send a webmail message, or upload a photo from a smartphone. Governments and large corporations generate and oversee billions of records and sensitive files. This makes governments and companies theft targets, and today, data breaches are common.
Consumers and companies need to be aware that sensitive records are bought and sold routinely in anonymous markets. If you've been part of a corporate or government hack, your data is on the Dark Web.
The Dark Web is also a small haven for terrorists and organized crime. Most Dark Web-focused security firms, however, caution against exaggerating the size of, and the risks posed by, the encrypted internet. Global law enforcement is aware of, operates on, and works to combat illicit Dark Web activity.
- From the dark web to the 'open' web: What happens to stolen data (TechRepublic)
- The price of your identity in the Dark Web? No more than a dollar (ZDNet)
- PoliceOne confirms hack; thousands of forum accounts for sale on the dark web (ZDNet)
- Satan ransomware-as-a-service starts trading in the Dark Web (ZDNet)
- Insider trading takes the Dark Web by storm (ZDNet)
- Hacker puts 51 million file sharing accounts for sale on dark web (ZDNet)
- One of the biggest hacks happened last year, but nobody noticed (ZDNet)
How is the Dark Web accessed?
The best way to access the Dark Web is with Tor. An acronym for the onion router, Tor is an open source protocol and suite of plugins built on top of Mozilla's Firefox web browser. Tor helps anonymize the source and destination of web traffic by passing the machine's IP address through a network of similarly encrypted IP addresses. The result is that web browsing slows down a bit as each request is bounced around the world, obfuscating user traffic.
For additional security, power users and experts also use anonymity-protecting operating systems like Tails. Tails is a Linux distribution that specializes in security and convenience. The operating system takes about 20 minutes to install on a flash drive and can be booted from the USB drive on nearly any machine in the world. Tails comes preconfigured with Tor and offers dozens of other security features.
There is no guarantee of privacy on the Dark Web. Tor recently warned users not to expect complete end-to-end privacy while using the network.
- How to safely access and navigate the Dark Web (TechRepublic)
- 14 privacy tools you should use to stay secure (ZDNet)
- How to access Tor, even when your country says you can't (ZDNet)
- Gallery: The top zero day Dark Web markets (TechRepublic)
- Gallery: The top 10 Dark Web search engines (TechRepublic)
- AlphaBay Dark Web marketplace hacked, private messages leaked (ZDNet)
SEE: Quick glossary: Malware (Tech Pro Research report)
Novices and experts should exercise care and caution when visiting the Dark Web. TechRepublic does not condone illegal or unethical activity. Offensive material can sometimes be just a click away. Browse at your own risk. Never break the law. Use the Dark Web safely, and for legal purposes only.
- 'Down the Deep Dark Web' is a movie every technologist should watch (TechRepublic)
- Digital currency is poised to reinvent how startups are funded, led by Chroma Fund (TechRepublic)
- Dangers of the Deep, Dark Web (IBM white paper)
- Infographic and interview: The explosion of cybercrime and how to protect your business (TechRepublic)
- Defending the last missing pixels: Phil Zimmermann speaks out on encryption, privacy, and avoiding a surveillance state (TechRepublic)
- Inside the secret digital arms race: Facing the threat of a global cyberwar (TechRepublic)
- Cyberwar: The smart person's guide (TechRepublic)
- Online sales of illicit drugs triple since Silk Road closure (CNET)
- 200 million Yahoo log-ins reportedly for sale on dark web (CNET)
- Why US government sanctioned hacking needs to be regulated (TechRepublic)
- Interview with a hacker: Kapustkiy from New World Hackers (TechRepublic)
- Interview with a hacker: S1ege from Ghost Squad Hackers (TechRepublic)
- Interview with a hacker: Gh0s7, leader of Shad0wS3c (TechRepublic)
- Cybersecurity Research 2016: Weak Links, Digital Forensics, and International Concerns (Tech Pro Research report)
Dan Patterson has nothing to disclose. He does not hold investments in the technology companies he covers.
Dan is a Senior Writer for TechRepublic. He covers cybersecurity and the intersection of technology, politics and government.