The Dark Web – Fueling an Already Gargantuan Problem

Post Published On: April 25, 2018

Googling – it’s almost second nature to most of us today. However, not all of us give much thought to the process that unfolds each time we perform a search on Google. Every search query is the result of crawling and indexing procedures that locate the most relevant, accurate and up-to-date results from publicly accessible web pages. This portion of the world wide web that can be “crawled” and “indexed” by search engines is what we call the Surface Web.

The Surface Web

The Surface Web is only a portion of the entire world wide web. And yet, many people are able to meet all their internet requirements from surface web services such as social media, search, email, movies and entertainment, etc.

The Deep Web

The Deep Web is a portion of the web that is restricted to authorized and authenticated users only. Consider, for instance, an organization’s web-based email services. Access to emails is limited to employees, and is provisioned on the basis of valid authentication. Quite obviously, none of the content of the emails is crawled or indexed by search engines. When a Facebook group is hidden from being discovered by search engines, it essentially becomes a part of the Deep Web.

The Dark Web

The Dark Web is a subset of the Deep Web that can only be accessed via purpose-built browsers. Unlike the Deep Web and the Surface Web, the Dark Web operates upon the foundational principle of user anonymity. It is nearly impossible to trace a user on the Dark Web.

With this layered view of the web, it was rational for Michael K Bergman to state, “Searching on the Internet today is comparable to dragging a net across the surface of the ocean. While a great deal may be caught in the net, there is still a wealth of information that is deep, and is therefore, missed.”

Onion Routing

Accessing the Dark Web requires specific software, one of the most popular of which is ToR Browser. Expanded as the Onion Router, ToR was originally created by the US Naval Research Laboratory. It was further developed by the US Defense Advanced Research Projects Agency – the US military agency responsible for developing emerging technologies for military use.

In onion routing, every data packet is routed through as many as 6000 hops within the ToR network before it reaches its final destination. What adds to the complexity is that before transmission, the packet is subject to one layer of encryption for every hop – which implies up to 6000 layers of encryption. At each hop, a node knows only enough to decrypt the corresponding layer and transmit the packet over to the next hop. Further, each node only knows the previous hop and the next hop. The originating source and the final destination are essentially abstracted throughout the transmission, thereby making packets untrackable to a specific source or destination.
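The layering described above can be sketched in a few lines. This is an added example, not code from the original article or from the Tor project: the three relay names, the pre-shared keys, `destination.example` and the toy SHA-256 keystream cipher are all assumptions made for illustration, and real onion routing uses negotiated keys and a different cell format.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy SHA-256 counter keystream, standing in for a real cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))

def _subkeys(key):
    # Separate encryption and MAC keys derived from one relay key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Add one encryption layer: nonce || HMAC tag || ciphertext."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor(plaintext, enc, nonce)
    return nonce + hmac.new(mac, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    """Remove one layer; fails unless the layer was sealed with this key."""
    enc, mac = _subkeys(key)
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer was not encrypted for this relay")
    return _xor(ct, enc, nonce)

def build_onion(path, keys, destination, payload):
    """Sender wraps the payload once per relay, innermost (exit) layer first."""
    next_hops = path[1:] + [destination]
    blob = payload
    for relay, nxt in zip(reversed(path), reversed(next_hops)):
        blob = seal(keys[relay], json.dumps({"next": nxt, "data": blob.hex()}).encode())
    return blob

def route(path, keys, onion):
    """Pass the onion along the path, recording what each relay learns."""
    learned, prev, at, blob = {}, "client", path[0], onion
    while at in keys:
        layer = json.loads(unseal(keys[at], blob))  # peel exactly one layer
        learned[at] = (prev, layer["next"])         # previous hop, next hop
        prev, at, blob = at, layer["next"], bytes.fromhex(layer["data"])
    return at, blob, learned

# Constructed sample: three hypothetical relays with pre-shared keys.
PATH = ["guard", "middle", "exit"]
KEYS = {name: os.urandom(32) for name in PATH}
ONION = build_onion(PATH, KEYS, "destination.example", b"hello")
```

Calling `route(PATH, KEYS, ONION)` returns the destination, the recovered payload and, per relay, the only two things it learned: the hop before it and the hop after it.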

The Dark Web is also accessible by other browsers such as I2P and FreeNet. However, doing so remains illegal and punishable by law in many countries including the UAE.

Organized Cybercrime on the Dark Web

Once this level of anonymity was coupled with a robust payments ecosystem such as cryptocurrencies, which also, quite favourably, guarantee anonymity, it wasn’t long before cyber criminals started to trade banned goods and services on the Dark Web. Online marketplaces have thrived for years on the Dark Web, peddling banned substances, counterfeit currency notes, forged passports, and other illegal merchandise to a willing base of customers – customers who are knowledgeable enough to navigate to a Dark Web marketplace and place orders.

Every time an organization is breached, it is likely that the stolen username and password sets will end up on a darknet website for sale, sometimes for as little as USD 2 per account. The market is not restricted only to banned products. One may also hire criminal services including hacking, extortion, etc. Furthermore, one may also pay for web-based services to create and launch malware, ransomware, phishing emails, rootkits, etc. against hapless victims.

Enterprise Defense Strategy

With the Dark Web, cybercriminals are able to exploit the advantages of scalability and anonymity, and execute their clandestine operations with utmost speed. Further, organized criminal services such as “Ransomware as a Service” are enticing more and more individuals to join the cybercriminal community, as they eliminate the need for strong technical or hacking expertise. For Cyber Security professionals, the Dark Web is a major dimension of an already gargantuan problem – the war against cyber-crime. The fundamentals of Cyber Defense, with a focus on a holistic approach encompassing people, processes and technologies, remain all the more crucial in such an age. Investment in Cyber Defense tools and tactics is the need of the hour.

Author: Praveen Joseph Vackayil, Ingram Micro Cyber Security Consultant and Trainer