Disclaimer: This article has been written by Digital Transformation and Sustainability Evangelist Vijay Sethi. Also a member of the Advisory Board of Cyble, Vijay is an industry veteran with over 30 years of experience.
Recently, we have been reading various news coverages regarding ransomware, data leaks, and personal data being made available or sold on the darkweb, etc. Apart from making the headlines, these cybersecurity incidents have also emerged as a major topic of discussion. During a recent mentoring session with an IT manager, I was curious to see if he had heard of the darkweb and the deepweb. When he confirmed that he was aware of these, I was tempted to probe the extent of his knowledge of the darkweb further. According to the IT manager, “The darkweb is a very small part of the internet associated with illegal activities.”
When asked about the deepweb, he looked a bit taken aback by the question. Being a smart guy, he quickly responded saying that the deepweb is simply another name for the darkweb. As I pondered over the discussion, I realized that there is definitely a grey area in the IT community when it comes to the difference between surface, deep, and darkweb. This prompted me to share my views on the topography of the internet that we all know and use today. Let’s look at some of the most commonly asked questions and myths surrounding this subject.
Is the internet we know (surface web) really vast, and is the darkweb just a small part of the internet?
In short – No. The fact is that the internet that we all generally talk about and use – for example, search engines like Google, etc. comprises only 4% to 5% of the actual web, and the remaining 95 % (or more) cannot really be accessed using our normal search engines.
What are the various kinds of internet, and are darkweb and deepweb the same thing?
Generally, the internet today is categorized into 3 sections, namely the surface web – which most of us use, followed by the deepweb, and the darkweb. Contrary to common beliefs, the deepweb and darkweb are two entirely different areas and the terms cannot be used interchangeably.
To understand the difference further, let us go over the basics of how internet search engines work. Search engines use a concept called “indexing” to organize information before a search. This enables the fetching of responses to queries sent by you and me. Simply put, search engines use software (called crawlers or web spiders) that visit all sites and send them for indexing. If a particular website does not allow the crawlers to send the data for indexing, the site is not indexed and hence, cannot be seen on search engines.
Surface web is that part of the Internet that has information related to sites that have been indexed by search engines. This part of the internet is accessible by search engines like Google, Bing etc. Generally, when we search for anything, we get thousands of articles, videos, and images, which gives us the impression that the surface web is massive. However, there are estimates that this could be just 4-5 % (even less by some estimates) of the entire web. The remaining 95 % (or more) is made up of information that is not indexed. The part which is not indexed cannot be accessed using our regular search engines. Due to limited accessibility, we are generally unaware of the relative scale of the deepweb and darkweb in comparison to the surface web.
Deepweb is the layer of the internet below the surface web. This has non-indexed content and cannot be accessed with a regular Google search. Data in the deepweb is stored in databases instead of pages. There are broadly two categories of deepweb – one is obscurity or anonymity, while the other is authenticated.
- Obscurity: Websites in this category block the search engine’s crawlers from indexing the site and thus, search engines can’t show the pages in search results.
- Authenticated: The other part is authenticated – here the sites can be accessed by anyone who has valid credentials (like username / password etc).
Darkweb (or dark net) is a relatively small part of the deepweb but contains highly secured and inaccessible data from search engines as well as standard browsers. In the darkweb, users can communicate and conduct business anonymously.
How can I access darkweb and deepweb?
Unless you really have a specific agenda, it is advisable not to access the darkweb and deepweb. Having said that, the content on the deepweb can be accessed by a direct URL or IP address, but usually requires a password. The darkweb can only be accessed using dedicated software like TOR (The Onion Router) and I2P (Invisible Internet Project) and a VPN.
Are deepweb and darkweb only used to conduct illegal activities?
That is a myth. The deepweb and the darkweb offer a degree of privacy and anonymity that is not found on the surface web, and the majority of content there may not necessarily be illegal.
The deepweb has many common uses such as webmail, Medical records, Research papers, legal documents, private social media pages and profiles. There are also some paid services such as video on demand, online magazines, and newspapers etc.
The darkweb is often associated with illegal activity, but even here, all of the content may not be illegal. There could be a case for using the darkweb for information sharing where people may seek anonymity. The darkweb gets its nefarious reputation as it offers a ground for activities like selling stolen data and personal information, drugs, hacking software, counterfeit money, and weapons, etc.
What can individuals do to protect their data from getting on to dark and deepweb?
There are three very simple things that each of us can do to create the first line of defense against cyberattacks. These include:
- Using strong passwords – Your password should include a combination of Upper and lower-case letters, numbers, and symbols. While choosing a password, remember that it should be easy for you to remember but difficult for others to guess. Good password hygiene recommends the selection of strong passwords that are more at least 8 characters long.
- Do not use public Wi-Fi – We often look for free public Wi-Fi wherever we go. This could be a potential source of threats. It is advisable to avoid public Wi-Fi networks as much as possible.
- Beware of Phishing e-mails and websites: Often, hackers send fake emails or set up fake websites that are designed to look like the regular sites of common organizations (like Facebook or Twitter) to trick unsuspecting individuals into disclosing their usernames and passwords. If you are not sure of the sender of emails or links and attachments in them, refrain from submitting any personal credentials to these pages.
Are there any specialized tools that companies and IT managers can use to monitor activities on the dark and deepweb?
Yes, today there are various cyberthreat intelligence organizations that have specialised and very user-friendly tools to monitor the darkweb and deepweb. Cyble (https://cyble.com) is one such leading organization that strives to help its clients detect and identify their exposure in the darkweb with its proprietary SaaS platform.
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups to Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.