< Back to EPP 101

What is The Dark Web?

December 17, 2020

What is The Dark Web?

The dark web is part of the internet where users can access unindexed web content anonymously through a variety of encryption techniques.

While the dark web is generally associated with nefarious activities, such as buying and selling drugs, weapons, counterfeit goods or stolen identities, its origins can be traced to researchers and scientists at the U.S. Naval Research Lab who recognized how easily digital activity and communication could be monitored, intercepted and exploited. The dark web continues to be used today by the intelligence community as well as by whistleblowers, members of the media and ordinary citizens whose communication may be monitored or restricted by the government.

2020 Global Threat Report

Download the 2020 Global Threat Report to uncover trends in attackers’ ever-evolving tactics, techniques, and procedures that our teams observed this past year.

Download Now

Dark Web vs Deep Web

While these terms are often used interchangeably, the dark web and deep web are two very distinct concepts.

The deep web refers to any web content that is not indexed—or pages that can’t be found with a search engine. An example of this type of web content may include any websites that are behind a paywall or require log-in credentials. Most internet users access the deep web several times a day to perform common tasks, such as checking email, accessing a bank account or reviewing health or school records. Items you would not be able to simply access by clicking on a link from a search engine.

The dark web in a network of unindexed web content. The biggest differentiator between the deep and dark web is that dark web activity is made anonymous through a variety of encryption and routing techniques. The dark web is also unregulated, meaning that it is run and upheld by a vast network of individuals around the world. This network contains thousands of volunteers who operate proxy servers to route dark web requests. As such, no one is responsible for setting rules or ensuring their adherence. This operating model is what makes the dark web such a valuable and appealing tool for cybercriminals and other people with questionable intentions.

While the dark web is part of the deep web, the inverse is not true. As such, the two terms should not be conflated.

Learn More

The anonymity provided by the covert areas of the web make it an attractive place for cybercriminals to conduct business. Unfortunately, gaining visibility into these locations is extremely challenging; it requires a knowledge of the criminal underground, logins to restricted sites, and technology that’s capable of monitoring these sources. Learn from a CrowdStrike expert about an upcoming module that monitors these hidden areas of the internet to alert you to data leaks, fraudulent use of your brand, and much more. Watch: Exploring the Hidden Web: A New Falcon Module Preview

How Do You Access the Dark Web?

To access the dark web, users need a special browser, the most common of which is Tor, short for “The Onion Routing” project, which launched in 2002 and serves millions of users. Another is I2P (Invisible Internet Project), which specializes in the anonymous hosting of websites on the dark web.

On the dark web, user activity is completely anonymous because of darknet encryption technology, which routes users’ data through many intermediate servers, obfuscating the users’ identity and location. This convoluted process is extremely difficult to trace and reproduce, which makes it impossible to decrypt activity. As a result, websites are not able to pinpoint the geolocation or IP address of users. In the same way, users cannot ascertain the same information about other users or hosts. To maintain anonymity, all transactions on the dark web are conducted with Bitcoin, a virtually untraceable digital currency. As a result, dark web users can interact, communicate, share files and conduct business confidentially.

Once a user installs a dark web browser on a device, it functions like a regular browser. That said, it can be difficult for users to find the material they are looking for on the dark web. Addresses tend to be a mix of random numbers and letters, making them challenging to remember or access manually. Addresses also change frequently due to the transient nature of many dark web actors. Finally, because the dark web routes all traffic through a series of proxy servers, which are operated by thousands of volunteers around the world, the search process is typically very slow.

What You May Find on The Dark Web

Much like the surface web, the dark web contains a vast amount of information and a wide variety of content. For example, one dark web website might cater to online chess matches while another offers truly anonymous messaging and email services. That said, most people associate the dark web with unsavory activities, such as hosting pirated movies, music and books, operating digital marketplaces for drugs and weapons or the sharing of pornography. In recent years, the dark web has been instrumental in allowing people to communicate freely in countries where speech is restricted or threatened.

From a cyber security perspective, the dark web is where cybercriminals sell or trade stolen information, such as personal banking details, social security numbers, digital credentials, IP or other trade secrets. While activity on the dark web is anonymous, law enforcement agencies, the intelligence community and cybersecurity professionals often maintain a presence on the dark web in an attempt to monitor, trace or trap cybercriminals. For many, simply knowing what information is being bought and sold online may help organizations and people take the appropriate steps to protect their information and assets.

Risks of Engaging on The Dark Web?

The dark web is a common gathering place for hackers and other cybercriminals, which can make browsing the dark web a risky activity. Visitors to the dark web should exercise extreme caution when downloading files, as they may infect your devices with viruses, malware, trojans or other malicious files. At a minimum, users should ensure that their cybersecurity defenses are activated and up-to-date.

That said, many of the actors on the dark web are highly skilled digital adversaries who can easily outmaneuver basic security measures. As a leading cybersecurity vendor, CrowdStrike cautions all organizations and individuals to refrain from using the dark web.

Users of the dark web should also realize that although their activity is technically anonymous, associating with people who are conducting illegal activities can have legal implications. Several recent high-profile takedowns of dark web marketplaces such as Silk Road, Alpha Bay and Wall Street Market have resulted in hundreds of arrests around the world, underscoring the risks of engaging in illegal activity in any form.

Can the dark web be shut down?

In short: No. The dark web is the result of the collective effort of countless people around the world. As such, “shutting down” the dark web is not a matter of disconnecting a single server or containing an individual. While some aspects of the dark web have been deactivated as a result of the arrest of operators, the effect is temporary, as others step in and fill the gap.

Finally, it is important to remember that the dark web grew out of a need for a more secure communications channel in the intelligence community. The dark web continues to be a valuable tool and exchange network for many groups around the world. It is considered an outright necessity by some in order to encourage free speech, maintain a free press and support the work of law enforcement and government agencies.