The Dark Web

The Dark Web is misunderstood and underrated in its purpose - as well as the threat it contains. Read ahead to find out how the dark web can affect you and your organisation.

The Dark Web is one of the three parts of the Internet which is the home of all the hidden parts of the internet not normally seen by people like you or me on a day to day basis. It cannot be accessed through the use of conventional browsers such as Firefox, Chrome or Safari. Instead the dark web can only be accessed to browsers purpose built around giving users access to the dark web such as TOR (The Onion Router) or I2P (The Invisible Internet Project). The dark web is very often confused with the deep web, but in fact they are two different parts of the internet as a whole.

Loads of people assume that due to the general usage of the dark web for malicious and criminal purposes that is it actually illegal to use the browsers above to access the dark web, but this actually is not the case but yet there are still massive risks involved with accessing the dark web as accessing certain websites can give off the impression that by using TOR for example to remain anonymous on the dark web you might be attempting to do some kind of malicious or illegal task.

What kind of threats exist on the dark web?

Malicious Software

The dark web provides a great platform for the creation and distribution of malware and has even allowed for the creation of the idea of “malware as a service”  which includes the ability to hire someone through the dark web to create custom malware for specific uses or even paying for ransomware as a service (RaaS) which is where someone pays a vendor for access to their ransomware tools through a subscription service to allow someone with little technical know-how to commit ransomware attacks on a victim of their choice.

Illegal Sales

The Dark Web is the home for the sale of illegal goods and services, with the sale of stuff like drugs, hitmen services, sex services and weapons being quite commonplace across the purpose built marketplaces for these goods and services such as Silk Road or Hydra. The dark web is the perfect place to do these sales due to its anonymous nature partnered with the idea of using cryptocurrency to conduct these transactions which practically makes it near impossible to track these transactions.

The dark web is also the place where breached data goes to be sold to the highest bidder after an attack, for example, if someone stole tons of credit card or bank details from a bank it is highly likely that all that information would be sold illegally on the dark web later on without the victim’s knowledge

Spoofing

The dark web also has the spoofing threat still in place, as threat actors are able to create websites which might mimic their surface web counterparts. This tactic provides cybercriminals with login details and personal information from users - who believe they are just simply using their TOR client to access websites they have used countless times on the surface web.

How do I protect myself and my business against the threat of the dark web?

Below is a list of some good practices which will help protect yourself and your business from the threats of the dark web.

Read up on the current cyber security news to ensure that you are aware of the threats currently affecting people, there might be the chance that it is affecting you as well and you can take steps to protect yourself against a threat from the dark web before it affects you.

Understand how using the same password for every tool and service is insecure and that there are tools such as password managers or two-factor authentication which can help improve the security of your logins.

Use a VPN to hide your location and internet activity across all three parts of the Internet, so cyber criminals cannot gain any useful information from your IP address as it is hidden by the VPN.

Use a security consulting service, which will allow businesses to better understand where their security flaws are and how to fix them to prevent cyber threats from exploiting them.

Make use of proper security tools such as anti-virus and anti-malware protection to ensure that if you do slip up that you have that layer of protection to stop malware from conducting massive damage.