What is The Dark Web?

Bart Lenaerts-Bergmans - September 20, 2022

Dark Web Definition

The dark web is the part of the internet where users can access unindexed web content anonymously through special web browsers like TOR. While the dark web is popularly associated with illegal activities, it is also used by the intelligence community, whistleblowers, members of the media and ordinary citizens whose communication may be monitored or restricted by the government.

Open Web vs Deep Web vs Dark Web

differences between the open web, deep web, and the dark web

While the terms dark web and deep web are often used interchangeably, they are two very distinct concepts. The open web is the public counterpoint to the deep and dark web.

Open Web Defined

The open web, also called the surface web, includes any public web content that is indexed by search engines. Web pages on the open web will show up in search results on sites like Google and Bing. While a large volume of traffic visits on the open web every day, it only represents 4% of the content on the internet.

Deep Web Defined

The deep web refers to any web content that is not indexed – or pages that can’t be found with a search engine. Examples of the deep web include any websites that are behind a paywall or require log-in credentials. Most internet users access the deep web several times a day to perform common tasks, such as checking email, accessing a bank account or reviewing health or school records. Items you would not be able to simply access by clicking on a link from a search engine. The deep web constitutes over 90% of online content and is inaccessible via search engines.

Dark Web Defined

The dark web is a network of unindexed web content. The biggest differentiator between the deep and dark web is that dark web activity is made anonymous through a variety of encryption and routing techniques.

The dark web is also unregulated, meaning that it is run and upheld by a vast network of individuals around the world. This network contains thousands of volunteers who operate proxy servers to route dark web requests. As such, no one is responsible for setting rules or ensuring their adherence. This operating model is what makes the dark web such a valuable and appealing tool for cybercriminals and other people with questionable intentions.

While the dark web is part of the deep web, the inverse is not true. As such, the two terms should not be conflated.

The History of the Dark Web

The origins of the dark web can be traced to researchers and scientists in the U.S. Naval Research Lab who, in 2002, recognized how easily digital activity and communication could be monitored, intercepted and exploited. It grew out of a need for a more secure communications channel in the intelligence community, despite being associated with nefarious activities today.

The dark web continues to be a valuable tool and exchange network for many groups around the world. It is considered an outright necessity by some in order to encourage free speech, maintain a free press and support the work of law enforcement and government agencies.

How to Access the Dark Web

To access the dark web, users need a special browser, the most common of which is Tor, short for “The Onion Routing” project, which launched in 2002 and serves millions of users. Another is I2P (Invisible Internet Project), which specializes in the anonymous hosting of websites on the dark web.

Once a user installs a dark web browser on a device, it functions like a regular browser. That said, it can be difficult for users to find the material they are looking for on the dark web. Addresses tend to be a mix of random numbers and letters, making them challenging to remember or access manually. Addresses also change frequently due to the transient nature of many dark web actors. Finally, because the dark web routes all traffic through a series of proxy servers, which are operated by thousands of volunteers around the world, the search process is typically very slow.

What Can You Find on the Dark Web?

The dark web contains a wide variety of services and content to its users, some of which skirts or disregards legality. While the intention and purpose of users on the dark web may vary, the dark web itself is neither good nor bad.

Law enforcement agencies, the intelligence community, and cybersecurity professionals often maintain a presence on the dark web in an attempt to monitor, trace or trap cybercriminals. For many, simply knowing what information is being bought and sold online may help organizations and people take the appropriate steps to protect their information and assets.

Dark Web Price Index

According to the 2021 Dark Web Price Index, these are typical prices, in U.S. dollars, of goods and services sold on the dark web.

  • Cloned credit card with PIN: $30
  • Stolen online banking logins, minimum of $2k in account: $120
  • Western Union transfer from stolen account above $1k: $45
  • USA verified LocalBitcoins account: $350
  • Soundcloud plays x1k: $1
  • Hacked Facebook account: $65
  • Hacked Gmail account: $80
  • Netflix account (1 year subscription): $44
  • Fake U.S. Green Card: $150
  • USA voter database for various states: $100
  • Forged EU passport: $4,000
  • DDoS attack on unprotected website: $15

Dark Web Commerce and Cryptocurrency

To maintain anonymity, all transactions on the dark web are conducted with Bitcoin, a virtually untraceable digital currency, and other types of digital currencies. As a result, dark web users can interact, communicate, share files and conduct business confidentially.

Is the Dark Web Illegal?

Similar to using a standard web browser to access the open web, the act of using Tor or a dark web browser to access the dark web is not illegal in and of itself. It is illegal to perform illegal acts on the dark web, regardless of the level of anonymity provided by the platform.

Users of the dark web should also realize that although their activity is technically anonymous, associating with people who are conducting illegal activities can have legal implications. Several recent high-profile takedowns of dark web marketplaces such as Silk Road, Alpha Bay, and Wall Street Market have resulted in hundreds of arrests around the world, underscoring the risks of engaging in illegal activity in any form.

Is the Dark Web Dangerous?

The dark web is a common gathering place for hackers and other cybercriminals, which can make browsing the dark web a risky activity. Visitors to the dark web should exercise extreme caution when downloading files, as they may infect your devices with viruses, malware, trojans, ransomware or other malicious files. At a minimum, users should ensure that their cybersecurity defenses are activated and up-to-date.

That said, many of the actors on the dark web are highly skilled digital adversaries who can easily outmaneuver basic security measures. As a leading cybersecurity vendor, CrowdStrike cautions all organizations and individuals to refrain from using the dark web.

How to Expose the Open, Deep, and Dark Webs

Download this white paper to learn how CrowdStrike Falcon® Intelligence Recon can help identify potentially malicious and criminal activity across the dark web.

Download Now

How to Protect Yourself on the Dark Web

Knowing if your information is on the dark web is a critical part to protecting yourself from threats. Dark web monitoring tools are similar to a search engine (like Google) for the dark web. These tools help to find leaked or stolen information such as compromised passwords, breached credentials, intellectual property and other sensitive data that is being shared and sold among malicious actors operating on the dark web. Learn how CrowdStrike can help protect your brand and data with the CrowdStrike Falcon® Intelligence Recon™ platform.

GET TO KNOW THE AUTHOR

Bart is Senior Product Marketing Manager of Threat Intelligence at CrowdStrike and holds +20 years of experience in threat monitoring, detection and intelligence. After starting his career as a network security operations analyst at a Belgian financial organization, Bart moved to the US East Coast to join multiple cybersecurity companies including 3Com/Tippingpoint, RSA Security, Symantec, McAfee, Venafi and FireEye-Mandiant, holding both product management, as well as product marketing roles.