The dark web is a commonly misunderstood part of cyberspace. Many people outside of the security space often believe that is a dangerous and illegal part of the online world that is full of nothing but criminal activities. While there are often a wide variety of illicit activities that occur on the dark web, it is often a portion of the internet that is vastly more nuanced than it may initially appear to be. In this post, I’ll cover 3 of the important things you need to know in order to better understand the dark web and some of its complexities.
What is the dark web?
Many people often hear about the dark web referenced a lot in mainstream media articles and new broadcasts. Nowadays, the dark web is regularly referenced when media releases share with their audiences about the latest cyberattack. It can create a lot of confusion and at times misinformation to the everyday public about what exactly goes on the dark web.
Since entering into the cybersecurity industry, I’ve gotten countless questions from friends, family, and colleagues over the years asking for insights on what exactly is the dark web and why it should matter to them. As a start, it’s important for anyone to understand that the dark web is part of the internet. It is not a separate entity from the internet or a standalone thing.
The dark web is a subsection of the world wide web at its core. It’s not accessible through your everyday internet browsers or with a quick Google search. What most people call the internet is what many tech professionals call the clear web. The clear web is a public facing portion of the internet that anyone with an internet connection can access. It is the portion of the internet that is most commonly indexed by search engines such as Google, Bing, and more.
In contrast to the public-facing clear web, the dark web does not work like that. It’s accessible to the public in some ways, but only if you know how to get to it with the proper browsers and encryption measures in order to access it. It is not accessible by search engines or other portions of the internet. It is not a public-facing portion of the internet.
Another common question I have seen asked is the dark web is the same as the deep web? The simplest answer is no. It is not the same as the deep web. While most of the deep web is also not public-facing, most of the information on there is legitimate and not criminal in nature. For instance, any website or application that is gated or paywall requiring user access and authentication is commonly part of the deep web not the dark web. The dark web is part of a deeper and more complex private internet network.
What happens on the dark web?
The dark web is a vast place that can be both criminal and non-criminal in nature. There are portions of the dark web that can serve as a safe place for those seeking privacy, freedom of expression, and anonymity away from the everyday activity, data, and monitoring that can occur on more public-facing sections of the internet. Alternatively, you then have the entire illicit side of the dark web where illegal activities reign supreme.
As our world has evolved with technology, so has the dark web. When I first got started in threat intelligence and security research, the dark web looked different from what many see and hear about today. Most of the research I previously did during my internship was during this weird flux of the dark web. When I say weird flux, I am speaking of it being a post take down of the Silk Road, the earlier days of RaidForums, and definitely years before LockBit even existed.
The illicit stuff that happens on the dark web is essentially anything goes and gives off an almost online wild west type of vibe. Users can sell illegal goods and services, consumer data, and even other people on the dark web. Yes, you read that correctly they can even sell other people on the dark web. Human trafficking is a serious issue on the dark web. This is among many other things that likely won’t help you sleep any easier at night, but I will spare you all from indulging in that further.
Organized crime is another big presence on the dark web. This can be organized crime from international criminal groups to even other nation-states or countries. The dark web is where malicious people go to thrive in hacking and share their exploits with others. You can also see a large presence of dark web forums and marketplaces where a lot of illegal goods and services are bought and sold. If you’ve ever had your credit card number stolen, I can guess with a good probability it was likely stolen from a recent data breach and sold from one of these forums or marketplaces.
The dark web has its own brand of currency too. Everyone’s least favorite type of digital currency, cryptocurrency. Cryptocurrency reigns supreme on the dark web for both buying and selling goods on most forums and marketplaces. You can put away your AmEx friends, as they don’t take credit cards there. Well, unless they are selling stolen ones to other criminals.
Even then, most credit cards bought and sold on the dark web are done with cryptocurrency transactions, not with cash or credit. Some of the more gated forums on the dark web also require it in order to even become a member of that forum. The dark web is host to a lot of pay to play type of behavior. It’s like a sketchy online speakeasy without the swanky décor or signature drinks. That’s the reality of it.
So, how can you access the dark web? Well, there is a reason you don’t see a section for that here. Frankly, I am not going to tell you how you can access it unless you are a security professional or in law enforcement. Everyday people shouldn’t know how to access it. Not much good can come from everyday people accessing this area of the inter webs.
Law Enforcement Efforts with the Dark Web
Contrary to what a good deal of may think outside of the security space, law enforcement has had an ongoing and active presence on the dark web. Since its origins, organizations throughout the world have been present on the dark web in order to help better combat cybercrime activity. Most of their presence on the dark web is undercover and clandestine. Despite their consistent efforts to mitigate criminal activities on there for law enforcement, it has only come with moderate successes in the fight to combat cybercrime.
The dark web that is seen today is vast and international, just like the public facing spaces of the internet. As much as the internet further connects us to others, so does the dark web for criminals and those wanting anonymity. In turn, it makes combating international criminals on the dark web challenging for law enforcement.
Why? The short answer is essentially because many countries have different laws and regulations in prosecuting cybercrime. Cybercriminals know this and leverage it. Sometimes they are caught, arrested, and prosecuted for their crimes. However, many times they are not. Ultimately, that’s the challenge that countless anti-cybercrime organizations and law enforcement organizations throughout the world face.
Law enforcement has taken down numerous marketplaces and forums over the years. One of the first biggest takedowns of a dark web marketplace that I studied previously was when law enforcement apprehended the owner and seized the Silk Road plus of their assets, including over 1 billion dollars in cryptocurrency. In 2023, law enforcement gained control and seized the dark web forum Genesis Market. More recently, we’ve seen the saga of the FBI versus ransomware group LockBit.
The problem with law enforcement’s presence and efforts on the dark web is that it is often a temporary win for the good folks. It takes a lot of work from law enforcement all over the world in order to continue to combat cybercrime activity that permeates online. Takedowns and seizures require a lot of resources, people, funding, and time in order to thoroughly prosecute cybercrime.
Over the years, there have been improvements in law enforcement’s efforts in combating cybercrime on the dark web. Many countries have begun working together with the common goal of eliminating the presence of criminals operating on the dark web. But this has not been without challenges as well.
A lot of cybercriminals have shifted their efforts to operate as a group versus just a solo perpetrator. Other countries have become actively involved in both the proliferation of cybercrime on the dark web. This has created not only a world of issues for law enforcement and security professionals but also for the cybercrime organizations that run everything.
Future Trends on the Dark Web
The future remains to be seen how cybercrime on the dark web will continue operating successfully. Organizations and law enforcement will continue to do their best to combat cybercrime on the dark web. Security professionals and researchers will continue to work progressively with law enforcement to continue fighting against cybercrime that derives from the dark web.
The issue nowadays is that the criminals are moving off the dark web and into other areas of the internet to continue their schemes. This is most prevalently seen with the increase in social media scams and phishing. Cybercriminals have also been leveraging numerous online messaging apps as well to continue their operations and schemes externally. My prediction is that the financially motivated types of cybercrime most prevalent on the dark web will continue to readily make its way into mainstream online spaces. This has been seen in the uptick of cybercriminals actively leveraging more social media and online messaging apps to further commit their schemes.
As threats grow against organizations and citizens globally, combating cybercrime will become more necessary than ever before for everybody.
As always, thank you for taking the time reading this post and being on this journey with me.
Until next time, stay safe out there and don’t click any unverified links! #cantphishme
– Amanda
Feel free to give me a follow on the socials: X (Twitter) | Instagram | Pinterest | Medium
