Blog Details

For the vast majority of Internet users, Internet access starts with a traditional Web browser and, once on, the individual surfs using direct URL links and search engines. Most keep to this side of the Internet as it provides them with all of their needs. However, behind an overlay networking corner there exists a different side of the World Wide Web. Something many have never accessed and still others have never heard of. It is the dark web. Whether referring to the "dark side" or the "Dark Knight," adding the term "dark" to any title instantly adds a level of intrigue, mystery and danger. The same is true for the dark web. But what exactly is the dark web, and should business owners and network administrators worry about what takes place on the other side of the Internet?

The Deep Web

To understand the dark web, it helps to paint a picture of the Internet in its entirety. The World Wide Web is not simply what the average user sees. One way to paint a clearer picture of the sheer size of the Internet and what a general user has access to is to compare it to the universe. The Internet, like the universe, is ever expanding and growing larger. However, the "light web," or the Internet a user logs onto when firing up a Web browser, is the Earth. There is plenty to see and has enough information for a thousand lifetimes, but in the grand scheme of things, it makes up just a tiny spec of the entire universe. The same is true with the Internet. While the light web provides seemingly endless amounts of information, it only makes up a small portion of the entire Internet. The rest of the Internet is known as the deep web (CNN, 2015). 

Before diving deeper into the dark web (also referred to as the dark net, or darknet), it is necessary to understand its place on the deep web (do not confuse the two. The dark web simply makes up part of the deep web). For most websites, it is the desire of the admin and owner to be indexed by search engines. This helps generate traffic and revenue. However, there are far more websites out there that are, for one reason or another, not indexed by search engines. 

While most Internet users likely do not access the dark net, there is a strong possibility they have accessed the deep web. Even on a daily basis. Non-indexed websites, hidden behind specific HTML forms include online banking, websites protected by a paywall (such as a video on demand [VOD] website) or something similar. Other websites are never indexed because the admin never submits the website to search engines and blocks search engines from cataloging the site. When this happens, the page is more or less invisible to those who do not know the exact URL. The dark web makes up part of the deep web as the content here is not indexed by search engines, but it takes secrecy and access to an entirely different level (Guiding Tech, 2017). 

Welcome to the Dark Side

The dark web is part of the deep web, which is not indexed via search engines. However, websites found on the dark web are not simply hiding, where you need to just known the URL or have a password to access server protected content. Instead, you need either special software, specific authorization or a combination of the two to access a site. 

Servers on the dark net are used for varying reasons. Some networks allow individuals to browse the Internet invisibly, so no trace is left on the site and the website admin has no knowledge of the visitor. This is done by encrypting user information via sending it through different intermediate servers (known as onion routing). With the encryption in place, even if a website admin knows it has a visitor, there is no IP address, geolocation or other data provided. It's like someone's home doorbell rings, but when they answer the door nobody's there. The software used to access varying corners of the dark web are not difficult to come by. Many are available through peer to peer (P2P) networks (Huffington Post, 2015).

What is the Dark Net Used For?

Realistically, just about anything can happen on the dark net. There are social networks for varying groups and perfectly legal financial information can appear here as well. Beyond this though, on the traditional World Wide Web, some content simply cannot exist, as government agencies can identify illegal activity and shut it down. The same is not the case with the dark web, so a considerable amount of illegal activity does take place. 

In 2016, over eight percent of all dark web uses centered around the illegal drug trade (these numbers are general estimates, as mapping all movement on the dark web is next to impossible to do). Illicit activities, such as terrorism communication, is almost at four percent while hacking sits at just under two percent. It is the hacking element business owners may need to educate themselves on (CNBC, 2013). 

Should Businesses Be Worried?

Hacking groups offer services for financial gain over the dark net. These transactions though should not worry businesses. If someone wants to hire a hacker, they will find one way or another to do so. This does not mean the dark web does not hold potentially devastating consequences for a business network. 

As encryption prevents a website admin from identifying a visitor, it opens itself up to potential hacks and data theft. The company's firewall and other system protections are put in place typically to stop external hacks and infiltration from other traditional Web avenues, not the dark web. Protecting a business network from the dark web is akin to protecting oneself from harm in pitch black and unfamiliar surroundings. However, while the admin is unable to see an invisible visitor coming in, they can see data movement going out. A hacker, whether they use the dark web or traditional means, will not infiltrate a network and grab every piece of data at once. Instead, data is moved in small amounts, making it challenging to know what is going on or that a network has even been hacked until it is too late. Even when hacking form the dark web, when in a business network, the outgoing movement of information can be tracked on the business network's end (Argus Leader, 2017). 

It is the tracking of outgoing information that can prevent hacks from the dark net. A company network needs to monitor this outgoing information and flag it for suspicious activity. This way, a barrier can be placed, preventing the export of this information. By monitoring both internal and external traffic movements, business networks can avoid hacks and data loss from infiltrators originating on both sides of the world Wide Web.

The dark net is a criss-cross of information not found on the traditional Internet. Some of the content found here is perfectly legal, while others prove both illegal and immoral. Corporate heads at least need to understand what goes on here in order to better protect their corporate network. 

Recommended For You

How a Man-In-The-Middle Cybersecurity Attack Works
Understanding how a man-in-the-middle cybersecurity attack works, its functionality and how to defend against such an attack is vital to safeguarding any enterprise network.
The Continued Growth of SaaS and the Cloud Has Complicated Cybersecurity
Both SaaS and the use of the Cloud can lead to substantial security flaws, which is why understanding how the two Internet technology complicate cybersecurity is essential for any size business utilizing these resources. 
The Impact of Internet of Things (IoT) on Cybersecurity

IoT (Internet of Things) devices may provide a backdoor into a corporate network for skilled hackers and cyber criminals. Understanding the impact of IoT on cybersecurity is critical for any enterprise.

Evaluation of the Verizon Data Breach Incident Report for 2017

BlueBolt takes a look at the 2017 Verizon Data Breach Report and provides insight into the numbers and a perspective on what is going on.

Most Common Social Engineering Attacks and Why they Work

The basic principle of a social engineering attack is the ability to manipulate an individual into providing desired information. This information is typically confidential, such as a credit card number, routing information, login/password, or other data the requesting should not have access to.

The Best Ways to Prevent and Protect Against Phishing Attacks
In order to prevent a phishing attack, it is necessary to identify the security weaknesses and set into place different methods to prevent and protect against such phishing attacks.
Phishing Attacks - Why Employees Are the Weak Link in Cybersecurity
A phishing attack is one of the most common methods external malware, spyware or other threats access a network, and yet it also is one of the easiest to avoid. As a company's Internet security is only as strong as the weakest link, it is vital to understand why employees are the weak link in a company's cyber defenses.
DDoS Protection - How to Protect Your Business from DDoS Attacks

Distributed denial of service attacks can come from anywhere. As the best defensive mechanism is prevention, this blog post share several of the best ways you can protect your business from possible DDoS attacks. 

The Anatomy of a DDoS Attack - What it is and How it works

Understanding what a DDoS attack is and how it works is your first step toward protection. This blog takes a closer look at the basics of a DDoS attack.