The dark web is most often mentioned in connection with illegal trade and cybercrime, but the dark web can also be used by those who simply want anonymity when using the web. In this blog post you will learn all about the dark web and get a guide on how to safely access the dark web.
What is the dark web?
The dark web is a hidden collection of internet pages that are only accessible through a specialised web browser. The dark web can be used to keep internet activity anonymous and private, which can be useful in both legal and illegal situations. While some use the anonymity to avoid government censorship in their country, it is also known to be used for illegal activity.
What is the difference between the dark web, the deep web and the surface web?
The internet is made up of millions of websites, databases and servers, all online 24 hours a day. The so-called "visible" internet (surface web or open internet), i.e. websites that can be found using search engines like Google and Yahoo, is only a small part of the internet.
There are several terms that describe the non-visible internet, but it's worth knowing how they differ if you plan to access that part of the web.
The surface web
The surface web or the open internet is the "visible" part of the web. From a statistical point of view, the collection of websites and data on the open internet represents less than 5% of the total internet.
All commonly accessible websites, accessed via traditional browsers such as Google Chrome, Internet Explorer and Firefox, are collected here. These are the websites that have top-level domains such as ".com" and ".org" and can be easily found with common search engines.
It is possible to find websites on the open internet because search engines can index the web via visible links in a process called "crawling" (it is called "crawling" because the search engine moves around the web like a spider in a web).
The deep web
The deep web accounts for about 90% of all websites. In fact, the deep web is so big that it is impossible to know exactly how many websites are active at any given time. The deep web also includes the part we call the dark web.
While many news media use "deep web" and "dark web" interchangeably, much of the deep web as a whole is perfectly legal and safe.
Some of the largest parts of the deep web include:
- Databases: both public and private collections of files that are not connected to other areas of the web and can only be accessed within the database itself.
- Intranets: internal networks for companies, governments and educational institutions, used to communicate and control situations internally within their organisations.
You may be wondering how to access the deep web, but it's actually likely that you already use it on a daily basis. The term "deep web" generally refers to all web pages that cannot be identified by search engines.
These sites may be hidden behind passwords or other security measures, or they may be hidden because websites tell search engines not to "crawl" them. Without visible links, these sites are hidden from ordinary search engines.
On most of the deep web, its hidden content is generally legal and safe. It can be anything from blog posts under review and pending restructuring of web pages to the pages you access when using an online bank.
Moreover, these websites pose no security threat to your computer. Most of these sites are kept hidden from the open internet to protect user information and privacy, such as:
- Financial accounts such as banking and pensions
- Email and social media accounts
- Private company databases
- HIPPA-sensitive information like medical records
- Legal files
Moving deeper into the deep web, things start to get murky. For some users, parts of the deep web allow them to bypass regional or national restrictions and access TV or movie services that may not be available in their country or region.
Other users go a little deeper to download pirated music or watch films not yet in cinemas, which are also illegal.
If you go further down, you will find the dangerous content and illegal activities. Tor sites are located in the deepest part of the deep web, which is considered the dark web, and are only accessible via an anonymous browser.
Deep web security is more relevant to the average internet user than dark web security, as you can accidentally end up in dangerous or illegal parts of the internet. Few parts of the deep web can still be accessed through normal internet browsers.
The dark web
The dark web refers to websites that are not indexed by common search engines and are only accessible via specialised web browsers. The dark web is a very hidden part of the deep web that few people want to interact with or see.
The characteristics of the dark web are:
- There is no indexing of search engines (those used to access the open internet). Google and other popular search tools cannot retrieve or display results for pages on the dark web.
- There are "virtual traffic tunnels" which operate through a randomised network infrastructure.
- It is inaccessible to traditional browsers because of its unique registry operator. It is also further hidden by various network security measures such as firewalls and encryption.
The dark web's reputation is often associated with criminal activity, illegal content and trading sites where users can buy illegal goods or services.
How to access the dark web
The dark web was once just a place for hackers, special authorities and cyber criminals. But technologies like encryption and anonymisation software like "Tor" now make it possible for anyone to access the dark web if they are interested.
Tor ("The Onion Routing" project) is a network browser that allows users to visit sites with the ".onion" top-level domain. This browser is a service that was originally developed in the late 1990s in the United States by the United States Naval Research Laboratory.
An early version of Tor created to hide communications between active spies. After some time, Tor was reinterpreted and has since been published as the browser used today. Anyone can download the Tor browser for free.
Tor works like a normal browser like Google Chrome or Firefox. But instead of taking the most direct route between your computer and the deep web, the Tor browser uses a random path of encrypted servers known as "nodes". This allows users to connect to the dark web without fear of their internet traffic being tracked or their browsing history being visible to third parties.
Is it illegal to go on the dark web?
As such, it is not illegal to access the dark web. In fact, many websites are perfectly legal. There are three advantages to using the dark web:
- The user is anonymous
- Websites and services are almost untraceable
- It is possible to commit illegal acts (this is of course only an advantage if you are a criminal interested in this)
The dark web is used by many people who do not want their identity revealed online. They may be victims of abuse and persecution or whistleblowers. But of course the dark web is also used by those who want to commit illegal acts without being detected.
The legality of the dark web is therefore based on how you, the user, use it.
Is Tor illegal to use?
The use of Tor and other anonymised browsers is not illegal. In fact, these kinds of internet browsers are not exclusively connected to the deep/dark web. Many users now use Tor to browse the open Internet while remaining anonymous.
However, you can still commit illegal acts in Tor. You can easily use Tor to pirate content from the deep web, share illegal pornography or engage in cyberterrorism. Using a legal browser does not change the fact that the actions are illegal.
Are websites on the dark web illegal to visit?
Websites and networks on the dark web can be a grey area. Using the dark web often means that the user is trying to participate in activities that are not available on the open internet.
It is not illegal to access websites or networks, but it can quickly become a problem. There is a lot of illegal or unpleasant content on these sites and you may be exposed to unnecessary risks by accessing them. If you are not careful or alert at all times, you could be exposed to or drawn into something illegal, even if it was not intended.
Types of threats on the dark web
There are a number of cyber threats that users can face when using the dark web. Below are some common threats you may face.
Malware can be found in many places on the dark web. It can be bought by hackers for cyber attacks on websites or special portals. But it is also found on websites where the purpose is to infect unsuspecting users' digital devices.
Users can be exposed to types of malware such as:
- Phishing malware
If you want to use the dark web, you risk being exposed to cyber attacks. Most types of malware can be blocked by security software.
Mantor-based sites are monitored by law enforcement agencies worldwide, and there is therefore a risk that you will be monitored by the police or intelligence services if you visit a website on the dark web.
Illegal drug trafficking sites such as "The Silk Road" have been a major target for police surveillance in the past. By using tailor-made software to infiltrate and analyse internet activity, it is possible for police officers to identify sellers and buyers. Even if you never make a purchase, you can be monitored or placed on a watch list.
There is a lot of fraud on the dark web, such as phishing and fake sales of goods. Because of the anonymity, it is virtually impossible to get your money back if you are a victim of fraud. There are also scams involving illegal services or goods, such as hitmen. In these cases, buyers are unlikely to report the fraud, making it easy for cyber criminals to get away with it.
End-user protection against threats from the dark web
Whether you are a business or an individual, it is important to take some precautions to protect yourself and your information on the dark web.
Identity theft monitoring
This is important if you want to prevent your private information being misused. All types of personal data can be distributed online by cyber criminals with the aim of making money. Passwords, physical addresses, bank account numbers and social security numbers are sold and bought on the dark web constantly.
Antimalware and antivirus protection
These are essential to prevent malware attacks. Hackers can use tools like keyloggers to collect your data and then infect your computer system.
How to safely access the dark web
Of course, you should only access the dark web if you have a legitimate purpose for doing so. And you need to make sure that you access and use the dark web in a secure way.
7 tips for safe access to the dark web
- Trust your intuition. Remember that not everyone is who they say they are. It's important to keep an eye on who you're communicating with and what sites you're visiting
- Don't use your real information. Your real usernames, email address, name and passwords should not be used on the dark web as you risk them being stolen. Don't use anything that can be used to identify you.
- Use active identity and financial theft monitoring. Many online security services now offer identity protection. Make sure you use these tools if possible.
- Avoid downloading files. The risk of malware is significantly higher on the dark web than on the open internet. File scanning from an antivirus program can help you check incoming files if you choose to download them.
- Disable ActiveX and Java in all available network settings. These programs are often investigated and exploited by cyber criminals
- Use a secondary local user account, which does not have administrator access, for all daily activities. The original account on most computers will have full administrator access by default. Most types of malware can exploit this
- Always restrict access to your Tor-enabled device. Protect your children, friends or family members from viewing or being exposed to anything illegal or unpleasant. Children should never access the dark web.
Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.