What’s lurking in the Deep Web, and is it a danger to businesses?

Beneath the billions of Google, Bing or Yahoo-indexed websites on the Internet lies a hidden Web that’s thousands of times larger than the ‘Surface Web’ we’re all familiar with. While the Surface Web is huge, this ‘Deep Web’ is estimated to be 500 times bigger. And it’s growing fast.

The vast majority of the Deep Web is largely innocuous, being made up of inaccessible content areas such as libraries, academic research archives or corporate intranets and databases that conventional browsers – or search engines – can’t access.

It also includes password protected private websites that require registration and login, unlinked content, encrypted networks and Web archives that cannot be indexed and are therefore undiscoverable by standard search engines.

> See also: How to disappear like a double-o agent and stay private in a hyper-connected world

The Deep Web is vast and currently makes up about 96% of all content on the web – which means the Surface Web represents just 4% of the Internet. And a lot of people use it, because it’s a rich source of information.

More than half of Deep Web content resides in topic-specific databases, 95% of which is publicly accessible and not subject to fees or subscriptions. Some of the largest Deep Web sites, for example, include the National Climatic Data Centre, NASA EOSDIS, the National Oceonographic Data Centre and MP3.com.

As well as the Deep Web there is also the Dark Web (which confusingly sometimes gets referred to as the Deep Web) which requires specialist software to access.

Who accesses the Dark Web – how do they do it, and why?

The Tor browser is the most well known way of accessing the Dark Web. Tor (originally an acronym for ‘The Onion Router’) is an anonymity network designed to keep a user’s identity and location completely secure when browsing the web.

This free-to-download browser masks a user’s IP address through a number of encrypted proxy servers around the world.

Using the Tor browser unlocks the door to the Dark Web, and a variety of people use it for a number of reasons. People use it to protect their communications – for example, political activists used it during the Arab Spring to disseminate messages.

Others use it to research sensitive topics or to access information that might have been hidden to them, while some are libertarians or information freedom activists who believe in the right of free Internet expression and online privacy.

For example, the Dark Web is home to the WikiLeaks site that provides users with means to upload documents anonymously.

The Dark Web is also home to the more disreputable Internet users who are engaged in criminal or illegal activities, thanks to their ability to keep their online identity secret.

In 2013, The Silk Road, the infamous narcotics trading website, was seized and its administrator Ross Ulbricht arrested. The seizure brought the existence of the Dark Web into the mainstream, raising serious questions about Cyber Security for those in Government, Law Enforcement and the Private Sector.

> See also: The three questions you should be asking about your online security

That’s because the Dark Web is not just a trading place for narcotics: it’s also used for many other illegal activities that include hacking services and selling hidden vulnerabilities in computer systems.

The FBI used its deep knowledge of the Dark Web and Open Source Intelligence techniques to bring about the demise of The Silk Road. Today’s corporate businesses need to gain a deep understanding of the Dark Web, criminal innovation and cybercrime if they’re to combat any potential threats in a successful manner.

From monitoring theft or counterfeiting, to identifying threats to commercial IP and other assets, using anonymity tools like Tor enables organisations to undertake investigations into cybercrime, fraud or compliance.

And leveraging techniques like Open Source Intelligence to monitor potential events – like the risk of data breach – should be a critical aspect of the corporate risk response plan.

Sourced from Max Vetter, Cyber Security Trainer and Analyst, QA

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics