A few weeks ago I had the chance to listen to an interesting presentation by Eamon Murphy at the Digital Identity Summit. Eamon’s presentation consisted of a look into the internet, the deep web and the dark web. While our current understanding of the internet is based on indexed website that are accessed by search engines, part of the substratum of the web that is called the “dark web” is estimated to be about 1,000 times larger than the web searchable by Google.
One shouldn’t look at the “deep web” and “dark web” as one and the same. The “deep web” are all the databases and other web services that for one reason or another can’t be indexed by conventional search engines. Think of your work email and applications as the deep web. If you’re not an employee or contractor with access to your company’s network then there’s no way to use resources from this portion of the deep web, your company’s network.
The more insidious part of the underbelly of the internet is the “dark web”. The “dark web” is a term that refers specifically to a collection of websites that are publicly visible, but hide the IP addresses of the servers that run them. It cannot be found using normal search engines. Thus, they can be visited by any web user, but it is very difficult to work out who is behind the sites and who are its visitors.
The dark web can be accessed through Tor (short for The Onion Router) servers and their clients. The IP addresses of the servers that run the websites are hidden, so it is very difficult to work out who is behind the sites. Communications are made via several computers and layers of encryption, making them almost impossible for law enforcement to track. The Tor network houses all these servers so you won’t know what you’re accessing unless they tell you and they wont know who you are unless you tell them. Buyers and sellers make contact using e-mail providers such as Sigaint, a secure dark-web service, and encryption software such as Pretty Good Privacy (PGP). This entire chain of commerce can be paid for by digital currency which results in an nearly anonymous chain of commerce.
Anonymity Has Its Pitfalls & Privileges
The advantage of technology that is typical of a user of Tor and other dark web technologies is that there is no one physical location, and is operated by no one commercial entity and the user base enjoys a certain level of anonymity. The very benefit of being anonymous is what causes policing to be difficult. This is not to say that anonymity results only in illegal activities but it certainly aids it.
Illegal activity on the dark is not limited to sex, money and drugs but data breaches that eventually lead to the sale or distribution of the stolen data over anonymous networks. The challenge for law enforcement will not only be how to find illegal activity but also how to gather the evidence needed in all this data to successfully find and prosecute the heads of these criminal networks.
While the dark web is a hotspot for criminal activities that can be conducted without being traced by law enforcement agencies, it also serves to help journalists communicate with secret sources by reducing the risk of their communication being spied on, and can help ensure anonymity on the internet.
Interestingly enough, according to a study conducted by Daniel Moore & Thomas Rid, and titled “Cryptopolitik and the Darknet,” terrorists and radical groups hardly use darknets. Of the hidden services on the Tor network that were analyzed, a relative few dealt with extremism. The theory they posed was that terrorist groups would rather use the speed and audience available of the internet in order to reach a wider audience, including wannabe terrorists and the curious interested in the activity of radical groups. Below the results shared by the researchers:
The epidemic of the dark web has been around for a long time, the good news for law enforcement is that centrally located hubs of illegal activity are great ways to police bad actors. However, the bad news is that increased scrutiny from investigators, coupled with more monitoring of the regular internet, is resulting in criminals becoming more careful to hide their tracks. This secrecy in turn may cause criminals to become more fragmented by creating alternative dark webs which would further complicate the situation.
By some estimates, cyber criminals are responsible for losses of up to half a trillion dollars with a prosecution rate of less than 2 percent. These networks pose a glaring problem not only from data gathering but also prosecution. However, the past few years has shown the use of undisclosed policing techniques around the world that have started to help expose players on the dark web. For example, law enforcement such as the FBI are using anonymity to create dark web sites to lure criminals in order to capture and prosecute them.
Organizations like the United Nations, FBI, and CIA use the encrypted internet to monitor terror groups and keep tabs on criminal profiteers. Corporate IT departments frequently crawl the dark web in search of stolen corporate credit card information and compromised accounts and new companies such as Intsights and Terbium Labs are using technology to deobfuscate illegal behavior. However, the task of enforcing social behavior through technology will continue to be hard. While techniques continue to evolve, clear legislation and robust judicial and political oversight on a global scale needs to be effectuated to keep pace with the increasing globalization of crime.