Understanding the Dark Web

  • August 22, 2018

If you are familiar with recent news reports about security incidents and threats, you’ve probably heard of the ‘dark web’ or the ‘darknet.’ In fact, you don’t even need to pay attention to the news. TV shows, movies and even social networking sites will introduce the terms to you. The problem is, there often isn’t any explanation about what those terms mean. Likely, the people using them have no idea what they mean. Understanding what they mean can help you better protect yourself, as well as having an idea of what is going on in these news reports. To get there, though, we’re going to take a quick journey through history. 

A Brief History of the Internet 

In the beginning was the Advanced Research Projects Agency (ARPA), along with its companion organization Defense Advanced Research Projects Agency (DARPA). These organizations were federal agencies that used money from the federal budget (tax dollars) to distribute to companies to conduct research and advance our capabilities as a country, as well as a military power. In the 60s, several people and organizations discussed the idea of connecting computers together so they could communicate, including communicating over long distances. Keep in mind that at that time, “computers” were very large devices that cost millions of dollars. The idea was to make better use of those devices by letting researchers anywhere access resources where research was being done.   

In the late 1960s, two computers were connected together to create the start of the ARPANET. The ARPAnet was where TCP/IP was eventually developed. In the 1970s and then the 1980s, several other networks were developed by other organizations — CSNET, BITNET, THEORYNET, JANET and many others around the world. Eventually, the U.S. created the NSFnet, sponsored by the National Science Foundation. The NSFnet became a backbone network with very fast connections. As a side note, this is where the misquote of Al Gore originates. He didn’t say he invented the Internet. He said he took the initiative while in Congress to create the Internet. He’s correct, in that he was a driving force behind legislation creating the NSFnet, which became the Internet over time, as all other research networks were folded into the NSFnet. Additionally, Gore was involved in legislation allowing businesses to connect to the NSFnet, truly creating what we know today as the Internet. 

The Connected Internet 

The Internet isn’t a single network. It’s a large collection of networks, all interconnected. Every business and organization connect their own network to a service provider. The service provider connects to other service providers, sharing information about how to deliver information to businesses and organizations, where all the users live. The Web is an overlay on top of the Internet and refers to a specific service — servers that communicate using the Hypertext Transfer Protocol (HTTP).  

Search engines like Google, Bing and others, make navigating the Internet possible. Not everything is searchable, though. If Google doesn’t know anything about the site, Google’s robots that are used to index sites can’t look through the site and deliver it in search results.  

The Dark Web 

Any site that has no connections to other sites and no other sites have connections to it is completely isolated from the search engines. The collection of sites like this, which may be web sites but may also be systems that use other protocols to serve up content to users, is a subset of the overall Internet and is sometimes referred to as an overlay. This overlay is sometimes called the “darknet” or the “dark web,” because the systems and services are not searchable by traditional search engines and you’d have to know they are there to make use of them.  

More commonly, though, is another network overlay that was developed by the U.S. Navy. U.S. Naval Research Laboratory employees developed the concept of “onion routing” in the 1990s. Today, you may know this better as The Onion Router (TOR). TOR is a way of routing to sites through peer-to-peer connections, meaning system-to-system rather than site-or-network to site-or-network. When you hear about data being on the dark web or darknet, they are likely referring to TOR sites. They may, though, also be referring to other sites that are also connected to the Internet but can’t be found unless someone specifically knows about the site. 

The Implications for Cybersecurity 

It’s important to understand what the Dark Web is because it is intimately tied to the work conducted in cybersecurity. As hackers continue to evolve in their tactics and breach practices, stealing records including medical records and people’s personal data, that information is treated as currency, sold on the Dark Web. Beyond a profit motive, according to The Independent (a U.K. newspaper), “cyber criminals could exploit the healthcare records for other purposes like redirecting medication to different addresses, or request doctor appointments on other people’s health plans.”  

Healthcare is just an example of how the Dark Web informs cybersecurity efforts but as we continue to understand the intricacies of the Dark Web, its activity, and see the damaging repercussions of its mere existence, we need to take our cybersecurity efforts that much more seriously. The possibilities of exploitation are endless when hackers are motivated by financial gain, insinuating social chaos, and/or manipulating data for power and status.