Pagoda Blog


What is the Dark Web and How Does It Affect Your Business?

August 2, 2018

The Dark Web is a murky concept to most, known primarily for hosting an underground matrix of criminal activity. While it’s true that the Dark Web is, in effect, a cyber criminal safe house, the secretive network also hosts investigative news websites, free speech forums, and even chess clubs. Even if you never plan to explore its deep, mysterious depths, it’s important to have a basic understanding and awareness of the Dark Web because when your data is compromised, that’s where it very well may end up.

The 3 levels of the web

There are actually three levels to the web: the surface web (also called the World Wide Web or publicly available web), the deep web, and the Dark Web.

 

The surface web is where you can access articles like this one, conduct online shopping, interact on Facebook, and visit your favorite websites. Anything that can be indexed by a traditional search engine like Google, Yahoo, or Bing falls into this category. Although this is the level we’re most familiar with, in terms of data, it actually only comprises 4% of the entire internet.

 

The deep web is where most activity occurs, comprising the majority of the internet at 93%. This level is where internal or private data is stored and managed. Think internal company sites, school intranets, databases, and member-only websites. Finally we get to the Dark Web -- just 3% of the internet but what happens within that small pocket can have major ripple effects both online and off, from upsetting stock prices and shutting down major ecommerce sites to healthcare insurance scams. (For a further explanation of the differences between these three levels, check out this article by Bright Planet.)  

 

What is the Dark Web?

The Dark Web is a hidden network of websites that isn’t indexed by search engines but is accessible to anyone with an anonymizing browser, called Tor. As described by CSO, “The Tor browser routes your web page requests through a series of proxy servers operated by thousands of volunteers around the globe, rendering your IP address unidentifiable and untraceable. Tor works like magic, but the result is an experience that’s like the Dark Web itself: unpredictable, unreliable and maddeningly slow.”

 

As a user of the Dark Web your identity is completely anonymous. On the surface web, IP addresses track online activity from your computer, easily tracing back a search or login to your personal device. On the Dark Web, Tor utilizes multiple encrypted connections that masks your identity and location. This anonymity is, of course, what makes the Dark Web a popular hangout for criminals.

 

Criminal activity on the Dark Web

Criminals use the Dark Web to sell and buy private data like credit card and bank account numbers, social security numbers, login credentials, and even access to a Netflix premium account. (The going rate is $6.) The websites that host these illegal marketplaces look much like those in the surface or deep web but they use a scrambled naming structure (resulting in random strings of letters and numbers) and end in ‘.onion’ rather than ‘.com.’ Everything on the Dark Web is structured to ensure anonymity and privacy. This is alluring to criminals but it also attracts well-intentioned users searching for a safe space to do things like speak out against oppressive regimes.    

Legal activity on the Dark Web

Much of the Dark Web harbors illegal activity but it’s also used to exercise free speech and as a place to connect with others with the assurance that tech companies like Facebook aren’t tracking your every move and harvesting your data. There are also whistleblower sites, private and encrypted email services, and other privacy offerings.  “A lot of people use it in countries where there’s eavesdropping or where internet access is criminalized,” said Patrick Tiquet, Director of Security and Architecture for Keeper Security, in an article for CSO.

The Dark Web and bitcoin

The emergence of cryptocurrency, especially bitcoin, is largely responsible for recent growth in activity on the Dark Web. This is because bitcoin allows transactions to take place anonymously between users, making it difficult to connect illegal sales back to any one individual.

 

For more information on bitcoin, check out our blog post, The Basics of Bitcoin and What It Means for Cybersecurity.

Is your data on the Dark Web?

When a data breach occurs like the Cambridge Analytica data privacy scandal or the WannaCry Ransomware attack back in 2017, the data from compromised accounts is put up for sale on the Dark Web. Cyber criminals can then purchase that data in bulk or they can purchase single pieces of data such as a social security or credit card number. Experian has a useful infographic that shows the going rate for different types of information sold on the Dark Web.

 

This is why if you’re the victim of a cyber attack, it’s critical to change compromised usernames and passwords, credit card numbers, etc. To prevent your data from showing up in the Dark Web, there are several preventive measures you can take:

 

1. Never share personal information unless absolutely necessary

Always question when a business requests your social security number and make sure that the website uses secure encryption. (All websites should now be using HTTPS rather than HTTP.)

 

2. Create secure, unique passwords for every account

Everyone at your company should be required to create unique, secure passwords for all work accounts to prevent a data breach. Make sure your password policy guidelines are up to date and consider using a secure password manager to both store account information and generate passwords.

 

3. Keep your software updated

When you run regular updates across your devices, you’re ensuring that you have the latest security patches installed which are your best defense against cyber attacks. Neglecting to update the latest software or operating system creates a gap in your cybersecurity defenses where hackers can gain access.

 

4. Install antivirus software

We recommend that our clients install antivirus software on all their devices, including Macs. Even though Macs have their own built-in anti-malware software, it only detects malware it’s seen before, leaving you vulnerable to new threats.  

 

5. Provide cyber security training to all employees

Your business is only as secure as its weakest link so make sure that all staff receive cyber security training, not just IT.

 

It’s scary to think about your information ending up on the Dark Web but don’t let the knowledge of its existence prevent you from conducting business online. Cyber security is all about awareness and taking the necessary precautions to protect your data. Check out our post, How to Protect Your Business from Identity Theft for more information or reach out to us directly to find out how to improve your business’s cyber security:

 

Get in touch for a free IT consultation

 

Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and learn how to protect and grow your business with monthly IT tips from our experts.

 

Subscribe today.

 

Need ongoing IT support for your business? Contact us for a free consultation. We’d love to work with you!

 

––––––––––––––––––––––––––––––––––––––––––––––––––––––––––

About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at support@pagoda-tech.com to schedule a complimentary IT consultation.




Return to Pagoda Blog Main Page