April 9, 2018 By Kacy Zurkus 4 min read

There’s the World Wide Web, and then there’s the less understood and presumably nefarious Dark Web — but not all who use the Dark Web have malicious intent. So what is the Dark Web, and why would cybersecurity companies access underground exchanges in search of valuable data and intellectual property when there is so much criminal activity going on there?

Layered within the darkness are rays of intellectual light that are hugely beneficial to organizations for a variety of reasons. Many make the assumption that the Dark Web is bad, likely because of the connotation of the word “dark.” Couple that with the ability for users to browse anonymously and do as they please with little to no consequence, and it’s understandable that the masses approach what lurks in the darkness of the anonymous web with trepidation.

What Is the Dark Web?

While some may envision the most heinous criminals intermingling in a sort of virtual haunted house, a 2017 academic study titled “Graph Theoretic Properties of the Dark Web” found that the Dark Web is more a collection of dark silos than a web of connectivity. Researchers Virgil Griffith, Yang Xu and Carlo Ratti wrote that they analyzed the Dark Web “because it’s an interesting unexplored data set” and “on the face of it, the World Wide Web and the Dark Web are immensely similar.”

Many believe that the key distinction between the World Wide Web and its perceived underbelly is the societies inhabiting each. The study found that in the dark, there is much less of a web that joins the society of users together. “Unlike the WWW, the Dark Web is a place of isolation,” the researchers wrote.

Yet, not all who access the Dark Web are malicious. “There are actually four dark nets,” said Ran Geva, CEO of Webhose, in an interview. “The oldest and biggest one is the Tor network, which was originally designed by the U.S. Naval Research Laboratory to be a secure network for intel-gathering. There are three more: I2P, Zeronet and Freenet.” Those that followed in Tor’s footsteps were also created for anonymity and information liberation, not for illicit purposes.

Who’s Surfing the Dark Web?

To ensure that your security controls don’t prohibit users from being able to access information that can drive business productivity and actually enhance your overall security posture, it’s important to understand the users of the Dark Web. As an introvert, I’m inclined to see the Dark Web through a different lens. I appreciate the solitude and the ability to search for information without being tracked, and I’m not alone. Users from countries with censorship policies use the Dark Web to surf anonymously and reach content that is otherwise difficult to find.

People who want to leak important information may also use the Dark Web to publish sensitive information. Then there are users who just want to browse the web without being tracked. Additionally, many reputable organizations leverage previously unindexed data via the Dark Web and use it to their benefit.

Legitimacy Influx

As is often the case, the good things that happen on the Dark Web rarely make headlines. Most news stories report on the illegal exchange of goods and other criminal activity that happens there, but cybercriminals are not the only internet users who wish to remain anonymous.

Increasingly, consumers are experimenting with anonymized web browsers like Tor for their routine internet searches. As more users start to receive targeted ads based on their web searches, they will start to see great value in keeping their search habits private. In the December 2017 issue of IPPro The Internet, Michael Bednarek and Kristina Montanaro Schrader of Adams and Reese noted that a move toward anonymous commerce “presents a significant threat to the business model of Google, Facebook and other companies that derive much of their revenue from tracking users online and targeted advertising.”

Gathering Threat Intelligence

Exchanges within the Dark Web also facilitate collaboration and information sharing. Cybersecurity experts monitor exchanges where sophisticated adversaries often engage in discussions about hacking topics. By eavesdropping on these conversations, security analysts can gain insight into new and emerging threats.

Many organizations also use threat intelligence and mitigation platforms to monitor and analyze attacks. The intelligence gathered on the Dark Web allows them to defend against threats to their own assets and applications, and stay abreast of new vulnerabilities being sold in underground marketplaces. “The data helps brands learn when they are mentioned in a negative context — as in a vulnerability, hack attempt or leaked information,” Geva said.

Leveraging previously unindexed data on the Dark Web also helps fight money laundering by correlating bitcoin addresses with illegal activities. Security analysts can locate the places where illegal trade is happening as a means of luring the criminals into a trap.

Dark Analytics

While there are risks to enterprises attempting to garner unindexed data from the Dark Web, the benefits of anonymity allow them to extract previously untapped business, customer and operational insights by investigating unstructured and hidden or undigested data. In the same way that security companies monitor exchanges for threat intelligence, businesses leverage new search tools designed to help users target scientific research, activist data or even hobbyist threads.

Dark data can be discovered from a variety of sources, one of which is the Dark Web. Enterprises are learning to use this body of untapped data from multiple domains to drive business decisions. Still, according to Geva, they have no way of knowing who is collecting the data, who is using it or what it is being used for. That’s why it’s crucial for security leaders to understand who is using the Dark Web, why they are using it and how the data they find can affect the organization’s security posture.

More from Data Protection

Data security tools make data loss prevention more efficient

3 min read - As businesses navigate the complexities of modern-day cybersecurity initiatives, data loss prevention (DLP) software is the frontline defense against potential data breaches and exfiltration. DLP solutions allow organizations to detect, react to and prevent data leakage or misuse of sensitive information that can lead to catastrophic consequences. However, while DLP solutions play a critical role in cybersecurity, their effectiveness significantly improves when integrated with the right tools and infrastructure. Key limitations of DLP solutions (and how to overcome them) DLP…

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today