Initially, a niche idea spawned in the wake of the increasing scrutiny placed on security and privacy online; the dark web is now a legitimate force in the online space.
When Google and other search companies index the Web, the reality is that they are barely scratching the surface of available content. While the surface Web is huge and continues to grow dramatically, the hidden deep Web is estimated is to be 500 times bigger.
The vast majority of the content in the deep Web is perfectly harmless. An example could be a database of academic research papers that is not indexed, but can be accessed if you know which server it resides on, or the pages of Amazon with their tailored recommendations based on your purchase history.
Unfortunately, there’s a more sinister side to the deep Web. This is the shady world of hitmen-for-hire, illegal drugs, weapons, child abuse images and hackers, which is deemed the ‘dark Web.’ It is the vastness of the dark Web’s unregulated content and its proximity to harmless, deep data that means it needs to be carefully considered by online users. The deep Web leads into the dark Web with far more regularity than is initially obvious.
There is often confusion surrounding the areas of the Internet that can be classified by the monikers of ‘deep Web’ and ‘dark Web.’ The dark Web is the main area of concern for businesses, where content is intentionally hidden from Web browsers. The dark Web can be used by people simply not wanting to have their Internet activity monitored, but is also the prime location for often illegal content to be placed, as anonymous access is a prerequisite to its use.
The Tor (The Onion Router) network is the highest profile means of accessing the dark Web – a free browser that anonymises Web traffic by passing it through a series of proxy networks and disguising identifying information, such as location and IP addresses. Think of it like taking a long, complicated route somewhere to throw somebody off your scent.
However, with the amount of unfiltered content available through Tor, the argument that “it is fine to use as it’s just there to preserve privacy” doesn’t stand up in a business context. As the lines between legal and illegal Web content becomes near impossible to differentiate in the reaches of the deep Web, content that could be damaging to a business can easily be accessed inadvertently.
While Tor can be used to maintain privacy on the Web when it’s used to access dark Web pages away from prying eyes monitoring your data, ironically, there is a greater risk of your personal data being exposed and used maliciously. Rather than the monitoring by major tech companies, such as Google or government bodies, being an issue, it is instead cyber criminals that use the darker reaches of the Web that should be a concern.
Pages can often appear to be legitimate, but like a Venus fly trap are only surface disguises to snare users and extract as much information as possible from them. The criminals can then follow this trail of information upwards, and use it to compromise users’ data and the business that they work for. With pages disguised as everything from search engines to account logins, traversing the dark Web is littered with hidden obstacles.
There has been a huge amount of media speculation and confusion surrounding the dark Web and how dangerous it can be, and often the amount of dangerous material in it has been blown out of proportion. However, it is still vital to know the facts about both the deep and the dark areas of the Internet, as the security risks found in them are often dynamic, hidden and not widely recognised.
The deep Web is a vital source of information and content, but in the short transition to the dark, your business and online identity can be compromised before you even know it’s happened.
About the Author: Mark Gibson is Sales Director at Bloxx. With more than 20 years’ proven sales experience in the information technology (IT) industry, Gibson’s remit is to the business both in the U.K. and internationally, primarily by extending Bloxx’s worldwide channel program. Before joining Bloxx, Gibson held senior positions within Capita and SAS.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the ShellShock and Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Image courtesy of ShutterStock.