There’s the World Wide Web, and then there’s the less understood and presumably nefarious Dark Web — but not all who use the Dark Web have malicious intent. So what is the Dark Web, and why would cybersecurity companies access underground exchanges in search of valuable data and intellectual property when there is so much criminal activity going on there?

Layered within the darkness are rays of intellectual light that are hugely beneficial to organizations for a variety of reasons. Many make the assumption that the Dark Web is bad, likely because of the connotation of the word “dark.” Couple that with the ability for users to browse anonymously and do as they please with little to no consequence, and it’s understandable that the masses approach what lurks in the darkness of the anonymous web with trepidation.

What Is the Dark Web?

While some may envision the most heinous criminals intermingling in a sort of virtual haunted house, a 2017 academic study titled “Graph Theoretic Properties of the Dark Web” found that the Dark Web is more a collection of dark silos than a web of connectivity. Researchers Virgil Griffith, Yang Xu and Carlo Ratti wrote that they analyzed the Dark Web “because it’s an interesting unexplored data set” and “on the face of it, the World Wide Web and the Dark Web are immensely similar.”

Many believe that the key distinction between the World Wide Web and its perceived underbelly is the societies inhabiting each. The study found that in the dark, there is much less of a web that joins the society of users together. “Unlike the WWW, the Dark Web is a place of isolation,” the researchers wrote.

Yet, not all who access the Dark Web are malicious. “There are actually four dark nets,” said Ran Geva, CEO of Webhose, in an interview. “The oldest and biggest one is the Tor network, which was originally designed by the U.S. Naval Research Laboratory to be a secure network for intel-gathering. There are three more: I2P, Zeronet and Freenet.” Those that followed in Tor’s footsteps were also created for anonymity and information liberation, not for illicit purposes.

Who’s Surfing the Dark Web?

To ensure that your security controls don’t prohibit users from being able to access information that can drive business productivity and actually enhance your overall security posture, it’s important to understand the users of the Dark Web. As an introvert, I’m inclined to see the Dark Web through a different lens. I appreciate the solitude and the ability to search for information without being tracked, and I’m not alone. Users from countries with censorship policies use the Dark Web to surf anonymously and reach content that is otherwise difficult to find.

People who want to leak important information may also use the Dark Web to publish sensitive information. Then there are users who just want to browse the web without being tracked. Additionally, many reputable organizations leverage previously unindexed data via the Dark Web and use it to their benefit.

Legitimacy Influx

As is often the case, the good things that happen on the Dark Web rarely make headlines. Most news stories report on the illegal exchange of goods and other criminal activity that happens there, but cybercriminals are not the only internet users who wish to remain anonymous.

Increasingly, consumers are experimenting with anonymized web browsers like Tor for their routine internet searches. As more users start to receive targeted ads based on their web searches, they will start to see great value in keeping their search habits private. In the December 2017 issue of IPPro The Internet, Michael Bednarek and Kristina Montanaro Schrader of Adams and Reese noted that a move toward anonymous commerce “presents a significant threat to the business model of Google, Facebook and other companies that derive much of their revenue from tracking users online and targeted advertising.”

Gathering Threat Intelligence

Exchanges within the Dark Web also facilitate collaboration and information sharing. Cybersecurity experts monitor exchanges where sophisticated adversaries often engage in discussions about hacking topics. By eavesdropping on these conversations, security analysts can gain insight into new and emerging threats.

Many organizations also use threat intelligence and mitigation platforms to monitor and analyze attacks. The intelligence gathered on the Dark Web allows them to defend against threats to their own assets and applications, and stay abreast of new vulnerabilities being sold in underground marketplaces. “The data helps brands learn when they are mentioned in a negative context — as in a vulnerability, hack attempt or leaked information,” Geva said.

Leveraging previously unindexed data on the Dark Web also helps fight money laundering by correlating bitcoin addresses with illegal activities. Security analysts can locate the places where illegal trade is happening as a means of luring the criminals into a trap.

Dark Analytics

While there are risks to enterprises attempting to garner unindexed data from the Dark Web, the benefits of anonymity allow them to extract previously untapped business, customer and operational insights by investigating unstructured and hidden or undigested data. In the same way that security companies monitor exchanges for threat intelligence, businesses leverage new search tools designed to help users target scientific research, activist data or even hobbyist threads.

Dark data can be discovered from a variety of sources, one of which is the Dark Web. Enterprises are learning to use this body of untapped data from multiple domains to drive business decisions. Still, according to Geva, they have no way of knowing who is collecting the data, who is using it or what it is being used for. That’s why it’s crucial for security leaders to understand who is using the Dark Web, why they are using it and how the data they find can affect the organization’s security posture.

More from Data Protection

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Resilient Companies Have a Disaster Recovery Plan

Historically, disaster recovery (DR) planning focused on protection against unlikely events such as fires, floods and natural disasters. Some companies mistakenly view DR as an insurance policy for which the likelihood of a claim is low. With the current financial and economic pressures, cutting or underfunding DR planning is a tempting prospect for many organizations. That impulse could be costly. Unfortunately, many companies have adopted newer technology delivery models without DR in mind, such as Cloud Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS)…

Millions Lost in Minutes — Mitigating Public-Facing Attacks

In recent years, many high-profile companies have suffered destructive cybersecurity breaches. These public-facing assaults cost organizations millions of dollars in minutes, from stock prices to media partnerships. Fast Company, Rockstar, Uber, Apple and more have all been victims of these costly and embarrassing attacks. The total average cost of a data breach has increased by 2.6% since 2021 and is now $4.35 million. Organizations that don't deploy zero trust security models also incur an average of $1 million more in…

How the Mac OS X Trojan Flashback Changed Cybersecurity

Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that "it doesn't get PC viruses". But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has the security of the entire world. In this post, we'll revisit how the Flashback incident unfolded and how it changed the security landscape forever. What…