Cyber

Truth about the dark web

by Mark Rowe

The dark web is shrouded in mystery for many people who may assume that it is unlikely to affect them. In reality, any of us could become a victim of criminals on the dark web which is why ensuring your online security is robust is crucial. Sam Reed, Chief Technology Officer at Air IT, and head of their specialist cyber-security division Air-Sec, explains what the dark web is and how to protect yourself and your business.

What is the dark web?

The dark web is an encrypted network that you can’t get to via traditional search engines like Google, or by using traditional browsers. It only makes up a small proportion of the total number of websites on the internet. In 2016, it was estimated that there are about 30,000 websites on the dark web compared to over one billion websites on the rest of the internet.

The dark web is sometimes confused with the deep web which refers to web pages that search engines cannot find. This may be the case in order to protect sensitive data like bank details. Other webpages like staging sites, intranet pages and those behind paywalls are also part of the deep web. In contrast, web pages which are indexed so they can be found by search engines make up the surface web.

Getting on the dark web isn’t hard, all you need to do is use a browser like Tor which is free and simple to download. Such browsers hide your identity and activity online. They also hide your location in a similar way to virtual private networks (VPNs).

But anonymity isn’t completely guaranteed when you use Tor and the US federal National Security Agency (NSA) can still track you. After all, the browser was developed by engineers working for the United States Naval Research Laboratory to share information anonymously. They opened Tor up to the public so that the noise generated from the extra activity would make it harder to identify which information was coming from government sources.

Not everyone using Tor does so for criminal purposes. People living under totalitarian regimes where the internet is censored may use Tor to browse public sites anonymously. Tor was instrumental in the Arab Spring for example. Using Tor is a risky option though because if your identity is uncovered you may end up attracting extra attention to yourself.

The majority of activity on the dark web is illegitimate and Tor is still a gateway to a world of criminal activity where black markets operate to exchanges goods like drugs. Of course that’s not to say the rest of the internet is free of such activities.

Hackers on the dark web

Hackers also sell their services on the dark web and share the latest software vulnerabilities and how to exploit them. When they do succeed on getting people’s personal information, they may then sell it onto other criminals on the dark web. When Uber users’ log in details were stolen they were sold on the dark web. It has also been reported that user data from sites like Instagram and Yahoo have been sold on the dark web.

According to databreaches.net, healthcare records have also been put up for sale on the dark web. Those who buy the data can then use it to carry out further crimes. If you reuse passwords, then a single breach could give hackers access to multiple accounts. For example, Dropbox was hacked using information stolen from LinkedIn.

Protecting your business

If you don’t want your personal or business data to end up on the dark web then it is crucial to use several layers of security to make your defences as strong as possible.

This includes using firewalls, anti-spam and anti-virus software, as well as implementing patches to protect you against the latest vulnerabilities.

Don’t underestimate the importance of having an effective password policy in place too. The National Cyber Security Centre has laid out guidance to help simplify the approach to setting passwords.

There is help available too. “Dark web tools” are now available that look at user’s accounts, based on their email addresses and will highlight if the associated password has ever been leaked in a security breach.

If you do suffer a breach, then it is best to take steps like changing your login details immediately. Sometimes data is sold on the dark web months after the breach at a discounted price. Cybercrime is unlikely to subside in 2018 and may even get easier to carry out as criminals make use of the latest technology. To stay one step ahead of criminals, it is best to continually assess your online security so you can spot vulnerabilities early.

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing