Shining a Light on the Dark Web

Everybody knows that hackers wear hoodies and hang out on the dark web. But what is the dark web?

Mishunda Mathis, DEVCON’s Senior Director of Risk and Revenue, recently found an alarming message in her inbox. It was labeled a DARK WEB ALERT from a credit monitoring service, and it suggested that an email address and password combo had been “found on the dark web.” It was enough to get her thinking:

“It was a nice little wake up call. It’s easy to forget that there may be some old accounts out there. They might not be locked down and could be harvested for our data. A little research showed me that the data breach was actually a couple of years old and I never heard about it - that alone is scary.”

Mishunda is not your average internet user - she sets the bar pretty high for her own awareness and does a lot of independent information gathering to make sure she’s in the know. So if the DARK WEB ALERT language was sobering for her, imagine how a less informed or careful web user must receive it. Just how scary is the dark web? What is the dark web, anyway?

Dark is deep but deep is not necessarily dark

There’s been some long-standing confusion in news reports between the “deep web” and the “dark web.” The deep web is the group of websites that aren’t indexed by search engines. This can be parts of websites that only registered users see, like banking applications or web forums. Or it can be content that is specifically excluded from search engines (there are a number of technical ways to limit access). The deep web even includes content that search engines just can’t find easily because it isn’t linked from anywhere else.

Lurking around on the deep web is another kind of content - darknets, or the dark web. These networks are intentionally hidden from the broader internet and require specific browsers and techniques to access. These smaller networks rely on peer-to-peer connections without any centralized hub - but that doesn’t mean they aren’t organized.

The internet’s back alley

Michael F.D. Anaya, DEVCON’s Head of Global Cyber Investigations, describes the dark web in some familiar terms:

“The dark web is almost solely used to facilitate the sale and distribution of illicit goods and services. The dark web is comprised of a number of marketplaces. These marketplaces function in a very similar fashion to a tradition e-commerce site like Amazon.com. But instead of groceries and electronics, you can buy drugs and child pornography. Threat actors use these dark web marketplaces because it affords them three things that are a must in their line of work: an anonymous way to do business, an unregulated venue to operate in, and protection from law enforcement.”

The smaller, close-knit nature of these marketplaces allow for criminals to behave a lot like above-board shoppers. Mishunda’s password from a years-old breach couldn’t be sold as fresh, new data, Michael says. “Many of the more established marketplaces have a seller rating scheme. So there is a certain amount of accountability built into the system.”

Keeping yourself off the shelves

If you get one of these scary DARK WEB ALERTS, there are a couple of things you can do to make your information they’re selling less useful.

1) Change up your passwords. Definitely change any passwords that are part of a breach - and don’t reuse passwords in the first place! This is easiest if you’re using a password manager like Dashlane or LastPass. They both work across devices and both make changing passwords (and keeping them unique) very simple.

2) Segment your email addresses. Almost every email application can handle more than one account - so creating a seperate email address for service sign-ups can help to segment your information. Even if they gain access to that account through a breach, hackers won’t have as much information to harvest.

3) Clear out old accounts. Keep yourself off the dark web by cancelling your accounts for apps and services you no longer use. An easy way to find some of these is to search your email account for the phrases “confirm your” or “welcome to.” This will find emails you received when you originally signed up. If you see old stuff among those, try clicking through and deleting those accounts.

4) Report your credit cards as stolen. A dark web alert is a good reason to refresh the numbers on the cards you commonly use for payment. Credit card numbers are frequently included in data breaches, and even though many financial institutions are on the lookout for fraudulent activity, having an active number passing around the dark web can’t lead to anything positive.

Taking the bad with the good

The dark web isn’t going anywhere - because it’s a product of some of the internet’s strengths. Dark web style networks help whistle blowers and other activists operate with anonymity. They can allow internet usage for people being oppressed by their governments, and generally provide decentralized, secure methods of storage and communication without a lot of tracking.

We can’t expect the dark web to disappear, but we can keep our sensitive information out of the shopping carts of criminals. If you get a DARK WEB ALERT don’t freak out - just roll up your sleeves and start some digital deep cleaning.

Andy Kahl