The internet opened the door to a realm of possibilities that permanently changed the business and social landscape and our personal lives. Most users are no longer restricted to dial-up; many of us now consider access to a stable internet connection as a critical aspect of our daily lives. We pay our bills online, check our bank statements, communicate via email, and maintain a presence on social media. Many users rely on the web for work and entertainment, and seeking out information through search engines is customary.
It is not common knowledge that today's most popular search engines, including Google, Bing, Baidu, and DuckDuckGo, only index a portion of the internet. The area of the internet we access day to day is known as the clear or surface web. There is also the deep and dark web, and here are some things that you need to know about the differences.
You could consider the clear or surface web the "top" and visible layer of the internet, easily accessible using a browser such as Safari, Chrome, Edge, or Firefox. The terms dark and deep are sometimes used interchangeably. The deep web is the second layer of the internet, which is not indexed by search engines. Websites and pages in the deep web might include password-protected content, private forums, and personalized resources. As search engine crawlers do not catalog these pages, you would need to know the exact link to access a website in this area of the internet. This could include government services to access your records, health care services, members-only areas, intranets, or corporate resources.
The dark web requires special software to access. You need to install a Virtual Private Network (VPN) and use a privacy-centric browser such as the Tor Browser to connect via nodes and proxy servers, which are more secure and aim to anonymize traffic requests. The Tor Browser can access the special domain names, with the suffix .onion, used in the dark web. The aim is to reduce your online footprint as much as possible, anonymize your traffic, and disguise your location.
When the dark web is mentioned online, it is usually in tandem with criminal marketplaces and arrests made by law enforcement agencies. Drugs, weapons, and stolen IP and data are all hot businesses in the dark web, with hundreds of terabytes of information on offer. Traders cash in on stolen credit card data dumps, initial access points to vulnerable systems, credentials, and intellectual property belonging to companies compromised during cyberattacks.
According to cyber threat researchers, 48% of organizations have no documented dark web threat intelligence policy, despite the obvious danger. The dark web may have more uses for organizations and individuals than what a small subset of criminals do under its umbrella. There are many legitimate uses for dark web services and communication. For example, this can include tools hosted for combating censorship and critical services for individuals in countries with stringent government surveillance and control, as well as privacy-enhancing anonymous email and whistleblower drop boxes. Some media outlets also maintain an online presence via the dark web when their surface websites are blocked, and other websites do the same when they are banned at the ISP level by countries during unrest and protests. Remaining anonymous can be invaluable to protesters, civil rights groups, journalists, lawyers, and other vulnerable groups.
Unless you know exactly where to go to access a legal and legitimate website, you need to be aware of some of the risks you might be taking. These include:
- Illegal marketplaces: If you stumble upon an underground marketplace, you will find all items and services for sale, including drugs, weaponry, counterfeit documents, stolen information, and malware. However, just because you are on the dark web and may be using cryptocurrency for purchases does not mean you will not be tracked down.
- Scams: The dark web is the Wild West of the web; even if you take the chance and try to buy something illegal, you could be scammed. Sellers are often not what they seem.
- Visits to extreme content: It is not that likely unless you intend to find it, but if you stumble upon extreme or abusive content, you might find yourself subject to an investigation by law enforcement. It should also be noted that downloading such content is often illegal.
- Malware: In the same way as the clear web, websites and resources found here may hide malicious software designed to compromise your PC or mobile device. Malware can include information stealers, Trojans, ransomware, or exploit kits. You may also be subject to phishing attempts.
Red Sky Alliance does not recommend that anyone other than trained cyber threat professionals visit or research the dark web. If you need/want to access dark web resources, these are the steps you need to take.
1.0 Use a VPN that will mask your location and stop the online breadcrumbs that can lead back to you. Connections made while a VPN is active will also be encrypted, helping you stay protected from eavesdropping and Man-in-the-Middle (MITM) attacks. You can usually select the location you want to appear to originate from, and VPNs will use a collection of servers and relays to make tracing your IP difficult.
VPNs are also used for accessing geo-locked content hosted by streaming services. The best options are paid-for and subscription-based, as many free options will either throttle your speed or collect your data.
2.0 You will need to visit the Tor Project to download the Tor Browser, a browser that prevents online fingerprinting, circumvents website blocks, and stops trackers from building profiles based on browsing habits.
The Tor Browser uses different layers of encryption to further strengthen your anonymity. It has integrated the DuckDuckGo search engine, a system that does not save or log your search queries. You should check the settings, and if you want a more secure experience, go for the "safer" or "safest" options, which also disable potentially dangerous website functionality, such as rogue JavaScript.
The Tor network is operated by thousands of volunteers worldwide who maintain the proxy servers that protect your identity. You can download the Tor Browser for Windows, macOS, Linux, and Android.
A VPN and Tor should be used together, and connecting via a VPN to Tor, rather than vice versa, is advisable for the best protection possible. In addition, if you're concerned about malware or exploits, you could also consider using a virtual machine (VM).
3.0 To access a dark web resource, you must know its web address. These websites will also use .onion top-level domain names, many of which will be long, random combinations of letters and numbers.
Several directories host .onion links and websites, but you should always demonstrate caution. Some will lead you to commercial sites ranging from cryptocurrency mixers to drugs and fake passport offerings; others are non-commercial and include legal content, such as education and training workshops, forums, and personal blogs. DefCon, ProPublica, the CIA, various libraries, and open-source software providers also feature in this area of the internet.
Remember that accessing dark web resources is legal in most countries, but conducting criminal activities via the dark web is illegal.
If you are visiting websites on the dark web that are not adequately protected, you may make yourself the subject of scrutiny or investigation even if there is no evidence of illegal activities or purchases. A VPN can help disguise your use of Tor and visits to dark web resources. Consider outfitting a “clean” computer for dark web activities that does not hold your primary email address or other accounts, and be prepared to completely “wipe” this computer immediately if unusual activity begins to appear. Being hidden does not translate into being completely protected from the possibility of tracking or, when it comes to illegal activities, of risk.
Red Sky Alliance offers Dark Web investigation services that can be found at:
https://www.wapacklabs.com/redpane
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989