Browse Definitions :

dark web (darknet)

The dark web, also referred to as the darknet, is an encrypted portion of the internet that is not indexed by search engines and requires specific configuration or authorization to access. Although the dark web is sometimes portrayed as a domain frequented by criminal elements, it is also created and used by people who require privacy for entirely legal reasons, such as the exchange of proprietary business information. In such a case, information may be exchanged through an encrypted peer-to-peer (P2P) network connection or by using an overlay network, such as Tor.

The anonymity that Tor and other overlay networks provide has led to the dark web's reputation for illegal activity. In July, 2017, law enforcement agencies in six countries, plus Europol, coordinated the shutdown of two of the largest dark web black markets and gathered communications on vendors and users, which experts said could lead to more prosecutions. 

How to access the dark web

The dark web can only be accessed with a specialized, anonymous browser, such as the Tor browser. The Tor browser keeps a user’s identity hidden by routing web page requests through a series of proxy servers that renders an IP address untraceable. While this process works well for anonymity, the Tor browser experience is typically unreliable and slow.

Websites on the dark web have an unconventional naming structure, therefore, users should know the URL they want to access beforehand as there are very few dark web search engines. Instead of ending in .com or other common suffixes, dark web URLs typically end in .onion, a special-use domain suffix. Dark web sites also have URLs that are a mix of letters and numbers, making them hard to find or remember. For example, the now-defunct darknet black market, Silk Road, went by the URLs silkroad6ownowfk.onion and silkroad7rn2puhj.onion.

Where is the dark web?
The dark web is located underneath the surface web and the deep web.

Who uses the dark web?

The Tor network began as a channel for anonymous communication, and while hackers or cybercriminals do take advantage of this, there are practical reasons for accessing it. For example, the dark web can help users communicate in environments or geographical areas that compromise freedom of speech. Dark web social media networks also exist, such as specialized clubs or BlackBook, described as the Facebook of Tor.

The primary use of the dark web is for e-commerce. With the use of cryptocurrency, users can purchase anything on the dark web without revealing their identity. This trait lends itself well to reprehensible behavior such as purchasing credit card numbers, drugs, counterfeit money or weapons. However, more legitimate companies are beginning to have a presence on the dark web.

Another more ethical use of the dark web is for law enforcement or threat intelligence agencies. Professionals may search through the dark web for signs of security or data breaches, evidence of illegal activity or newly emerging cyberthreats. The dark web also hosts a large amount of educational information that cannot be found elsewhere, such as banned books, collections of news articles and discussion forums.

Dangers of the dark web

Accessing the dark web and using the tools or services found there can be associated with high risks for an individual user or an enterprise. A few dangers that users should be aware of before browsing the dark web include:

When affecting an entire organization, these dangers can interrupt business operations, defraud a company or devalue a brand’s integrity. In order to safely browse the dark web, users should employ reliable security software such as a VPN. Additionally, the Tor browser, Tor applications and operating systems should be kept up to date. Users should also not reveal their regular contact information or expose credentials when on the dark web.

Dark web vs deep web

Oftentimes, the terms “dark web” and “deep web” are interchanged, but they are not exactly the same. The dark web is a subsection of the deep web. Neither dark nor deep web pages can be found on search engine results pages (SERP), but deep web pages can be accessed by anyone with a browser who knows the URL. Dark web pages, in contrast, require special software with the correct decryption key, as well as access rights and knowledge of where to find the content.

This was last updated in July 2019

Continue Reading About dark web (darknet)

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

  • IPsec (Internet Protocol Security)

    IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any ...

  • principle of least privilege (POLP)

    The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what are ...

  • biometric authentication

    Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...