The Dark Web: A Deep Dive

by admin

Dark Web

As an MSP, our clients know we’re here to “take care of the computers”.  The scenario is often (but not always) that they have their job to do, and you’ll hear from them when there’s an issue that prevents that from happening.  Regardless of their level of insight or knowledge of technology, they likely know the words and phrases that are dropped in conversations today as cybersecurity becomes part of the mainstream.  They may acknowledge that the Dark Web exists, but the concept of exactly what that means may remain a little fuzzy.  Perhaps they have an image of unsavory characters that lurk in alleys and dark corners wearing hoodies and sunglasses to disguise their identity.  The Dark Web is like a scene from Batman where you see in the underbelly of Gotham City cybercriminals lurking and waiting to collect stolen data.  

As we know, the reality of what a hacker is and how they operate is much different than the cinematic version.  These are sophisticated groups that use advanced tactics and live and work among the rest of the world – unsuspecting and undetected.  

What exactly is the Dark Web? 

Like An Iceberg 

One of the easiest ways to explain the concept is to use an iceberg analogy.  Like an iceberg, you can see part of that ice, (or internet) above the horizon, but much of the ice (and internet) resides deep below the surface.  This “deep web” is part of the internet that we can’t see or access via search engines.  But it is ALL THE SAME iceberg – or the same internet.   Now below the surface, in the deepest part of the ocean, in the darkest waters, you’ll find the Dark Web.  The information that is shared on the Dark Web is done via the darknet.  

How Do Hackers Get There? 

First, not everything below the surface is dangerous.  And above the surface, you can easily find what you’re looking for (search engines provide easy-to-use directions), but below, you’re going to need specialized gear…. goggles, a wetsuit, and a flashlight if you want to navigate the underwater tunnels.  And that kind of gear allows you to swim around anonymously, where nobody can see your face.  Next, you’ll need a means of transportation. This transportation is called The Onion Router, or TOR.  Why? Because like an onion, there are many layers to the deep web, and TOR is the gateway to getting access. 

So, the hacker is geared up, they cannot be identified, they have transportation, and they jump into the deep web. Is the whole place dangerous? Short answer, no. It is just where the unsearchable information is stored on the internet.  By some accounts, this is 500 times bigger than what you find above the water.  For example, a Google search will tell you how to log onto a bank’s website (that’s a site that is above water), but your specific banking information isn’t searchable.  With the proper credentials to log in, you can access your own account – that’s stored on the deep web. It is the same for your email or health records. 

Let’s Dive Deeper 

Those darkest, deepest waters…that’s where the Dark Web is.  This is where the marketplace exists that sells personal information, stolen credentials, and sometimes worse. There are files here for sale that are organic and always growing with data that is acquired through breaches.  Yes, there is likely a file with your name on it, and some of your credentials.  The cybercriminals will purchase that information and use it to gain unlawful access to your accounts or to threaten you with an email that contains a password that you once used. This is why understanding cybercriminals’ current tactics and best practices to protect yourself and your accounts is so vital. 

How to Stay Afloat 

Staying ahead of cybercriminals is an ongoing battle.  As soon as you learn new cybersecurity habits, they learn new tactics to fool you.  That’s why an ongoing training program is essential to the protection of any business – we’re all human and humans make mistakes.  We can offset the risk that those mistakes present with a plan of attack when it comes to identifying gaps and mitigating the risk of human error.  

*Source: Breach Secure Now 

Comments are closed.