The dark web explained: how it works and why it's so dangerous
While most people access the internet through common web browsers such as Google Chrome, Safari and Edge, there are deeper levels of the internet that are inaccessible to the average user: the dark web, or darknet.
It is a collection of websites, forums and marketplaces that are only accessible with the Tor browser. This particular browser offers users a high degree of anonymity, which is particularly attractive to cybercriminals, hackers and government employees who want to hide their identity. The Tor Browser is currently only available for Windows, Mac, Android and Linux. Once connected, you will have access to dark net websites called "Tor hidden services". Instead of ".com" or ".org", the addresses on the dark web end with ".onion". Many insiders talk about the dark web in cryptic terms to stir up fear, but it is not just a space for criminals. To understand the dark web, we first need to look at the different layers of the internet.
The layers of the internet - what is the surface web?
The internet consists of several layers: the surface (visible) web, the deep web and the dark web. Most people only interact with the visible or surface web. Through search engines, you can access nearly two billion public websites - from Wikipedia to public sector websites to news sites. But this is just the tip of the iceberg: the surface web only accounts for 10% of the entire internet - the majority of websites remain hidden from the average user.
Why is this the case? Because not all the information you can access online is in the public domain. So if we only see 10% of what's actually on the internet, where is the rest?
Dark web vs. deep web: What's the difference?
Most of the digital content in the world is not accessible via search engines. This colossal amount of information is on the deep web (or hidden web), where almost all online activity takes place. Even if you don't use the term deep web on a daily basis - or at all - it is more a part of your life than you realize:
You use the deep web as part of your daily routine every time you log into your email account, check your online banking information or use social media.
The deep web contains information that usually requires a username and password to access, mainly for security and privacy reasons. Deep web entities include:
- Databases
- Apps for social media
- Online banking
- Intranets
- Forums
- Content protected by a paywall
Much of the activity on the deep web involves personal data, such as medical and legal documents, financial records, academic research, intellectual property, confidential business data and more.
However, the deep web is not the same as the dark web, a term you've probably heard before. The dark web is another part of the internet that is not comparable to the deep web. Let's look at the reasons for its negative reputation. But first we need to look at the digital footprint.
What is a digital footprint?
"A digital footprint is a term that describes the recorded - i.e. traceable - internet or device activity of a particular person." - This is how the Malwarebytes glossary succinctly defined it. Let's explain this definition in more detail: put simply, a digital footprint is your data trail on the internet. Almost every action you take on the internet, whether it's visiting a website, subscribing to a newsletter or searching for a product, leaves a trail of data behind. Anyone with access to a search engine or advanced software such as a skip tracing tool can view your activities, behavior, preferences, opinions and much more based on your data trail.
The critical thing is that a digital footprint will never completely disappear, even if a website, host or social media platform deletes part of your digital footprint at your request. There is always a risk that someone has documented this information. Therefore, you should be very careful with the content you publish on the internet.
Possible negative effects in real life
Your digital footprint can have a significant impact on your public image, even if the data is decades old - the internet forgets nothing. For example, a controversial opinion expressed in a public forum many years ago can have an impact in the present, even if your views have evolved in the meantime. Old photos or video recordings also pose a great risk in this respect. You can quickly lose track of your digital footprint if you let both your passive and your active digital footprints grow unchecked. The internet is growing rapidly and there is plenty of storage space for your data.
And it's being used extensively: According to Monster, 77% of employers Google job applicants. But employers aren't the only ones checking your digital footprint. Governments, security companies, police departments and others can check it before issuing certificates, visas or citizenships, for example. No special skills or tools are required. Anyone with access to a device and a search program can look up a digital footprint. So in the digital age, it's a readily available source of information.
Misuse of your digital footprint
The information you leave on the web can be misused by malicious actors for criminal purposes in a variety of ways. For example, they can use your data to find out more about you and launch a spearphishing attack. This is a highly personalized phishing attack that uses detailed personal information to trick you into believing the message is legitimate.
Another type of attack is doxing, in which hackers gather personal information and publish it in bulk. Whether it is a private address, personal telephone numbers, bank account or credit card information - doxing causes considerable damage. The background is usually a personal conflict or even a culture war with the aim of harming the victim both in the online world and in real life.
Swatting is a particularly perfidious way of misusing personal data. Here, the victim's personal data is used to trigger the deployment of police and emergency services to their private address, e.g. because an alleged hostage-taking is taking place there. People have already lost their lives in this type of bullying when they were shot by the emergency services as alleged hostage-takers, burglars or similar.
The list of possible abuses could go on and on. It is important to know that not only individuals, but also companies, marketers, platforms and websites can exploit your data, for example to display personalized advertising. The consequences of data misuse may not always be obvious to you at first glance or be as serious as described in the examples above.
How to check your digital footprint
There are numerous ways to check your digital footprint:
- Search engines: Check the search results for your name in a search engine. Use your first and last name, variations of your first and last name, online handles (usernames/pseudonyms) and nicknames. In some cases, your unique, long-standing online pseudonym can be more revealing than your actual name.
- Image search: Use a search engine to look for search results for your name and online handles as described above. However, don't search for text, but for images and videos.
- Check your social media posts: In a search engine, enter your social media handle (pseudonym) followed by the name of a social media platform. You should now see a list of your popular social media posts. Alternatively, you can visit your social media page and scroll through the list of your posts. To find specific posts on social media, search using your social media handle, the name of the social media platform and the keywords you may have used in the post you are looking for.
- Use aggregator websites: An aggregator website collates data from across the internet and makes it easily accessible. If you want to check your digital footprint, such a website can provide useful services.
- Google Alerts: Setting up Google Alerts is a great way to track your name on the internet.
What kind of products do cybercriminals sell on the dark web?
Cybercriminals and other malicious actors use the power of the dark web in a variety of ways for illegal purposes. The hotspots for illegal activities on the dark web are marketplaces and forums where participants trade illegal products and services.
The illegal products that criminals offer on these black markets include stolen and falsified data of various kinds, e.g.:
- Personal data: This includes full names, home addresses, phone numbers, dates of birth, social security numbers, hacked email addresses and many other details that can be used to identify you as an individual.
- Financial data: Stolen credit card information, online banking usernames and passwords, cryptocurrency account login credentials, banking and insurance information, and more.
- Login credentials for online accounts: Typically, these are username/password combinations that allow access to accounts ranging from social media to ride-sharing and video streaming services to paid professional services. Even logins for genetic testing providers are in demand.
- Medical data: This includes your medical history, prescriptions, biometric data (including fingerprints and pictures of your face), test results, billing information and other sensitive details. In the wrong hands, this can lead to (medical) identity theft.
- Confidential company data: This includes classified information such as intellectual property, patents, competitive information and other operational details.
- Falsified data: Primarily fake passports, stolen driver's licenses and ID cards, cashier's checks and more.
Other illegal marketplaces on the dark web
In addition to personal information derived from data breaches and various other types of cyberattacks and online fraud, these black markets also offer illegal drugs, access to new cyberthreats and viruses, and even hitmen for hire.
The most notorious of all dark web marketplaces was Silk Road, which had over 100,000 buyers in its heyday. Founded in 2011 by Ross Ulbricht, the website became the most popular black market, especially for drug dealers. The FBI shut down Silk Road in 2013, but version 2.0 briefly went back online before law enforcement shut it down for good. Ross Ulbricht was sentenced to life in prison twice, along with three other convictions. The US government seized over 1 billion dollars worth of Bitcoin during the operation and in the ten years that followed.
Aside from the opportunity to make big money on these dark web marketplaces, people also seek out the dark web for other reasons. This part of the internet also hosts large amounts of child pornography, with some sites reaching tens or hundreds of thousands of users. As a hub for criminal activity, the dark web offers more than just "products" for anyone who wants to buy and consume them. It also offers services that allow cybercriminals to carry out attacks with little technical knowledge or experience.
What types of services does the dark web offer cybercriminals?
Although personal data may seem priceless to you, cybercriminals trade personal data for a few dollars on the black markets of the dark web. Data for credit cards with a balance of up to 1,000 dollars costs an average of 150 dollars, while stolen online banking credentials (for an account with a balance of at least 100 dollars) can be had for as little as 40 dollars. Goods that are more difficult to obtain, such as a French passport, can cost up to 4,000 dollars.
Marketplaces on the dark web even have rating and review systems to help potential buyers recognize "trustworthy" sellers. With all these features and the attraction of cybercrime's riches, it's no wonder that these black markets are seeing a huge increase in supply, according to the Dark Web Price Index.
Cybercriminals are not only buying and selling personal data and compromised accounts, but also other goods such as:
- Off-the-shelf software exploits (exploit kits): Tools that cybercriminals use to attack vulnerabilities in systems so that they can then spread malware.
- Ready-to-use malicious software (malware): Ransomware, information stealers, keyloggers (which record every key pressed on a device), spyware, adware, rootkits (which are notoriously difficult to detect and stop), Trojans and worms (with self-replicating capabilities).
- Malware-as-a-Service: A subscription-based model that rents the software and hardware cybercriminals need to carry out attacks. This includes the malicious software, a distribution network, a set of targets and even technical support, as well as a personal dashboard to manage the project.
- Software vulnerabilities: Flaws that are unknown to the software vendor (known as zero-days), which cybercriminals can use to infiltrate organizations undetected.
- Access to networks of compromised devices (botnets): The computer resources that malicious hackers need to carry out their attacks.
- Distributed Denial of Service (DDoS): Offers that use extensive botnets to flood victims' systems with so much traffic that they go offline along with the services they offer.
- Cybercriminal training: Tutorials, guides and other types of content support the upskilling of cybercriminals in various roles.
- Money laundering (money muling): Enables fraudsters to spread the money they steal, extort or otherwise capture from their victims and turn it into clean, untraceable cash.
Why you should not use the dark web
If you are on the dark web, you are taking a big risk, and not just if you are engaging in illegal activities there. In this part of the internet, there are no security precautions like those you are used to on the World Wide Web, e.g. integrated protection against malicious websites in your web browser. Both Chrome and Firefox, for example, warn you about dangerous websites that steal data through phishing attacks. This does not happen with the Tor browser.
Therefore, on the dark web, there is always a risk of infecting your devices with malware, ransomware or Trojan viruses if you are not protected by a special cybersecurity system. There is also the risk of becoming involved in illegal activities or unknowingly becoming an accomplice in a crime and therefore a target for prosecution.
Concluding remarks
It is important to understand your company's footprint on the darknet, as well as your own, for several reasons. Firstly, it helps to identify potential security vulnerabilities and threats and enables proactive measures to mitigate risks. Secondly, it provides insights into leaked sensitive information such as customer data or protected assets, enabling mitigation and regulatory compliance.
In addition, monitoring your footprint helps prosecute illegal activities related to your brand, protecting your reputation and integrity. In summary, knowing your darknet presence enables organizations to strengthen their defenses, protect valuable assets and maintain integrity in an increasingly interconnected digital landscape, ultimately ensuring sustainable resilience and success in the face of evolving cyber threats.


