This article discusses the “dark web”, its use, access methods, and staying safe. While access to the dark web in the US is not illegal you can wind up in serious legal trouble if you engage in criminal activities; accessing the dark web can also be considered “suspicious activity” by your ISP and may result in referral to law enforcement.
This author does not advise surfing the dark web, and does not support or encourage engaging in illegal, malicious, nefarious, or subversive activities.
Slices of the internet:
The internet is made up of several different “slices” or tranches based on the availability and indexing of the information being sought, it is set up as follows:
Surface Web: The top layer of the internet is called the “clearnet” or “surface web”, this is where traditional websites reside and where information is readily available to the general public. The surface web is the portion of the internet and mobile web that is indexed by search engines and web crawlers such as Google, Bing, and Yahoo. This segment of the internet offers virtually no privacy since IP addresses and user activity are constantly being logged and are easily traceable.
Deep Web: The deep web isn’t as nefarious as many commentators make it sound. The deep web is estimated to constitute over 96% of web content. This portion of the internet consists of information that is not indexed and is not readily available to the general public. Information residing on the deep web includes content protected by paywalls/registrations, as well as content you wouldn’t want to be readily searchable, such as your email, online banking data, and medical records.
Dark Web: The dark web is a subset of the deep web and is a decentralized network of internet sites housing encrypted content. The dark web operates by routing information through multiple intermediate servers encrypting it at each step in an effort to maintain privacy. The dark web makes up approximately 5% of the total internet.
How do you access the Dark Web?
Accessing the dark web is a fairly simple endeavor, just download a dark web browser such as TOR (“the onion router”), SubgraphOS, Invisible Internet Project, IP2, or Freenet and find the site you’re looking for. The most common access method is TOR; you should conduct research on the proper use of such access methods before trying them out.
Sites on the dark web do not use “.com”, “.org”, or “.net”, but instead use a “.onion” suffix. Additionally; websites do not have easy to remember names like ones on the surface-web, they generally use a seemingly random mix of alpha-numeric characters appended by the .onion suffix.
What’s on the Dark Web?
The dark web hosts a wide range of sites, activities, and content which like the surface web may be legal or illegal in nature. The dark web is most commonly known for its extensive range of “dark web marketplaces” (DWMs) and criminal forums.
DWMs are like amazon or ebay, except in many cases they sell things that are illegal such as weapons, drugs, human organs, or malware. The most well-known DWMs are/were “Silk Road” (now shut down), AlphaBay, and Hansa; but, there are a wide variety of others which have taken the place of ones that have been shut down.
The dark web also has a wide range of discussion boards, forums, and sites containing both legal and illegal content. Some of the most well-known forums are those belonging to hackers and cyber criminals. On these forums, hacking techniques are discussed, hacking services are requested, and advertisements for malware or hacking capabilities are posted for those who need the services. Many hackers advertise their specific brands of “malware-as-a service” or “ransomware-as-a-service” products or offer stolen/hacked data for a price. Other forums include those discussing, planning, or depicting murder for hire, assassinations, human trafficking, child exploitation, and a plethora of other crimes as well.
Just like the surface web, there is a wide variety of news and media. In many countries media is manipulated, content is controlled, and disinformation is widespread. The dark web allows persons in these countries to view external media sources outside of their government firewalls. Media companies such as the BBC and ProPublica have dark web mirror sites, as does Facebook.
Staying Safe:
If you intend on browsing the dark web it is highly recommended that you invest in a virtual private network (VPN). A VPN can help mask your location by emulating or spoofing your real location to someplace you’re not, making your traceability by malicious actors significantly more difficult.
There are a host of issues involving TOR entry and exit nodes. Since entry node IP addresses tend to be public the ISP knows when you access TOR without a VPN. Additionally, there are numerous issues involving malicious TOR exit nodes that are operated by hackers; unknowingly landing on these nodes can lead to your computer or network being hacked. There is disagreement as to whether it is better to use TOR first or the VPN first, but that is a lengthy topic of discussion for another article.
Many dark web sites (regardless of legality) require registration via email. As a precaution you may want to consider not using your real name, and use an email address that is difficult to trace such as one at “protonmail” or “mail.com”. If a cybercriminal is able to trace your identity back to you they can do serious damage to your financials or reputation. The best method is to use a secure dark web email provider, using a pseudonym when on the dark web is highly advised.
It is recommended that you disable javascript, and consider not allowing sites to run macros. In many cases, cybercriminals inject or deploy malicious code (malware) through the use of macros, JScripts, and downloads, all of which should be avoided on the dark web.
Many transactions on the dark web, both legal and illegal are done in cryptocurrency; many sites accept bitcoin, however Monero and “Hydra” are growing in popularity by virtue of being “privacy coins” (vs Bitcoin which is a public ledger). You should not link your bank account to any dark web site, as this is obviously an invitation for trouble; additionally, you may want to consider using a heavily encrypted, cryptocurrency wallet to prevent cybercriminals from tracing your funds back to your regular crypto wallet.
Lastly, as noted above, dark web addresses consist of a seemingly random string of alpha-numeric characters, this makes remembering them difficult and increases the likelihood of transposition errors. You should consider verifying the location of the site you want from multiple sources as landing on a bad page can lead to phishing attacks, malicious code injection, or could lead to you being investigated by authorities for criminal involvement when your intentions may have been benign.
Legality:
While the dark web is home to a plethora of nefarious market places, blogs, boards, and activities, there are also a wide variety of legal sites and activities to take part in as well.
In the U.S. surfing the dark web itself is not an illegal activity, also, engaging in legal activities on the dark web is not illegal. However, as noted above, your ISP can detect when you are browsing the dark web (if you don’t use a VPN); while they may not be able to see your activity, U.S. courts have allowed for computer seizures and law enforcement investigations based on dark web access.
Illegal dark web sites may be monitored by global law enforcement entities, accidentally landing on one (using the wrong address) or curiosity can wind up with you being arrested detained, or investigated simply due to access and regardless of intent.
Obviously, purposely engaging in illegal activities on the dark web is not legal and is ill advised; buying/selling weapons, drugs, counterfeit merchandise, or financial data, or engagement in any other criminal activity is illegal and can lead to you being arrested or convicted under a wide range of state or federal laws. Also note, using cryptocurrency “mixers” can get you into serious legal trouble in the US.
About the Author: Z3R0 is a management consultant who specializes in industrial security, counterespionage, and managing organizational investment in emerging security tech. Z3R0’s experience includes over a decade of operational and strategic leadership in counterintelligence and insider threat analytics across various corporate and public partners to include the ECTF, JTTF, HIFCA and the U.S. Defense Industrial Complex.
