Recent studies identified that over 15 billion credentials are currently available there, and these transactions between hackers and cybercriminals continue to fuel more cyberattacks and breaches. But what is the dark web, and how did it end up teeming with cybercriminals? To many, the dark web is a hotbed of nefarious activity fueling illegal criminal deeds. However, despite its current reputation, the network was set up with the altruistic goal of protecting individual privacy rather than exploitative or illegal purposes.
Dark Web Origins
When most people refer to the dark web, what they are really referring to is the Tor network. While there are other anonymous networks, Tor is the largest and most extensively used. Tor began as an experimental project by the US Department of Defense back in 2002. The government created the anonymized and encrypted Tor network, short for The Onion Router, to protect its communications with spies. The encrypted capabilities appealed to other security-conscious companies, and the open-source platform quickly snowballed. Criminal organizations worldwide recognized its potential and shifted activities to take advantage of the anonymity provided.
Dark Web 101
The name is derived from darknets, which are infrastructure overlays that prevent public access. For example, any information that is not publicly accessible and requires a special service or application is termed “dark.” The dark web is an anonymous, encrypted network that sends traffic through nodes around the world, obscuring a user’s online footprint. The individual's IP address is protected, making it very difficult for anyone to trace any part of the connection.
This is achieved by encrypting traffic in multiple layers and bouncing it through a network of random computers, each of which removes a layer of encryption before bouncing it on to the next device. This is how the information gets anonymized as it's passed randomly, so you can’t identify the source, the destination, or the contents as they are encrypted with multiple layers.
To access the dark web requires the Tor browser, which has a host of privacy features built in, and the encryption hides the locations of everything on it. Tor also removes the risk from tracking software because it continually updates circuits. Unlike the standard internet, the dark web is not searchable by engines like Google or through browsers like Safari or Chrome.
The domains within Tor are essentially large strings of randomized characters that make it impossible to index because there's no central registry. When you go on the dark web, data is stored internally on the Tor network. All Tor addresses end in .onion, and it can be tough to find information, with Onion sites sometimes disappearing within hours.
Cryptocurrency is typically used for financial transactions on the dark web, ensuring buyers and sellers remain anonymous. Because of these features, the dark web has become the go-to destination for those seeking privacy.
While the Tor network does provide some level of anonymity, it is by no means perfect. An attacker who controls enough of the entry and exit nodes on the network can still piece together the identity of a client and what they are accessing. Law enforcement has been known to do this, for instance. For individuals who want a higher level of anonymity, rather than relying solely on Tor, they should use a reputable VPN as well.
Anonymity Isn’t Always A Bad Thing
The anonymity the dark web provides has attracted individuals who require online privacy because it allows users to visit a website without revealing any information used to track people as they surf the internet. However, it’s important to recognize that just because someone desires anonymity, this doesn't automatically make them a criminal.
Despite the focus on the criminal and malicious activity happening on the dark web, it supports a lot of legitimate and vital communication. The privacy and confidentiality it provides helps many, including human rights advocates, journalists and whistleblowers. It even has its own social network, BlackBook, a hidden social network, akin to being the Facebook of the dark web.
Many legitimate websites have a dark web presence, including the New York Times and other reputable organizations that are looking to create a site to provide users with a cloak of invisibility. One creative use of the dark web during the initial stages of the coronavirus pandemic was a surge in sales of cannabis.
However, as previously mentioned, this anonymity has attracted criminals, and a range of nefarious activity does occur, spanning selling stolen data and exposed credentials to the downright horrific, such as terrorist groups, human trafficking and arms trading. As a result of the illegal activities, the FBI and NSA deploy teams to monitor dark web activities to garner situational awareness and understand threats.
As the desire for privacy continues to grow, the dark web shows no sign of losing its appeal. In less than two decades, the network has gone from a discrete project supporting anonymous communications to a large unregulated network. What the future holds for the dark web is unclear, but it doesn't look like it will disappear anytime soon.