According to the latest news, the US Department of Justice has arrested a 23-year-old man accused of operating the dark web drug marketplace Incognito Market. The platform sold over $100 million worth of narcotics worldwide, connecting customers with vendors and earning 5% of every sale. Investigators found that even prescription medication advertised as authentic on the site could not be trusted: tablets that an undercover law enforcement agent bought on Incognito Market in November 2023 were actually fentanyl. If found guilty, the man faces a mandatory life sentence, a maximum life sentence for narcotics conspiracy, 20 years for money laundering, and five years for conspiracy to sell adulterated and misbranded medication (Cluley, 2024).
If you regularly read cyber security news, you will often see headlines about cybercriminals threatening organizations that they will sell critical exploits on the dark web. The "Dark Web" is a portion of the Internet that is inaccessible with a typical web browser and is not indexed by search engines like Google. Double extortion ransomware gained popularity in 2021. After requesting payment for the decryption key required to restore the data, cybercriminals may threaten to post the content for sale on the dark web. This means that the data intended for double extortion is copied before it is encrypted (Pawar, 2023).
Broadly, the internet falls into three categories: the surface web, the deep web, and the dark web. This article explores the dark web in more detail.
The portion of the internet that we often view with standard browsers like Google Chrome, Safari, or Firefox is known as the “Surface web”. Every time we visit a website, such as facebook.com or amazon.com, we are only allowed to browse its surface and access the information that is visible to the user; we are unable to access the "behind the scenes" aspects of the site.
The “Deep Web” provides access to information that is restricted to certain individuals within an organization, allowing users to view websites and databases that are hidden from public view. These details cannot be obtained using standard search engines and require a password to access. A special URL is needed to access the deep web. At an estimated 90–95% of the whole internet, the deep web is by far the largest portion of the internet. Examples of pages found in the deep web include private information and pages from businesses, libraries, medical facilities, academic institutions, governments, international organizations, and so forth.
The portion of the internet that can only be accessed with the Tor browser is known as the "Dark Web". It is often referred to as the darknet or the uncontrolled segment of the internet. The dark web operates differently from the ordinary web and is inaccessible using standard browsers. Even when you are using Tor, dark web websites do not end in .com or .gov. Instead, their URLs typically consist of a haphazard combination of letters and numbers and end with the “.onion” extension. Dark web sites are harder to find than most other platforms on the internet because their URLs change frequently.
BIRTH OF DARK WEB
The dark web is only an expansion of a person's right to privacy and freedom of speech, and it is lawful. It is only unlawful when users' behaviour on the dark web violates the law. Free communication between journalists and whistleblowers can be secured on the dark web. The dark web allows people from nations with stringent internet laws to converse freely. The dark web is frequently used for the acquisition of illicit products and commodities, and as cryptocurrency payments are anonymous, bitcoins are frequently used.
The U.S. Naval Research Laboratory created the TOR network, which was initially made public in 2002. By taking advantage of a network of willing nodes (more than 3,000 as of now) that are in charge of relaying encrypted requests so that the traffic is hidden from network monitoring tools, it enables anonymous communication. Surface websites that have their domain names registered on a different DNS root are also known as rogue TLDs. These are websites whose hostnames were registered with registrars other than the Internet Corporation for Assigned Names and Numbers (ICANN). Dark websites, on the other hand, are hosted on systems that require specialized software to reach the content provider. Such systems include websites hosted on the Invisible Internet Project (I2P) network and the hidden services offered by TOR. These websites are typically also recognized by an unusual domain name that needs to be resolved to a routable endpoint using the same software (Mirea, 2018; Kaur, 2020).
BENEFITS OF DARK WEB
- Privacy and Free Expression: People can freely express their opinions and protect their privacy thanks to the dark web. For anyone who might be harassed by stalkers or other criminals, this is crucial. Additionally, it may be difficult to have open conversations in public when prospective employers are monitoring social media activities.
- Resistance to Censorship: As an encrypted overlay network, the dark web is more impervious to censorship than the surface web, which is subject to restriction at certain choke points. This makes it a useful forum for the exchange of sensitive information between journalists, whistleblowers, and professionals who run the danger of being singled out for surveillance.
- Support from Organizations: The Electronic Frontier Foundation and Human Rights Watch support access to and usage of the dark web.
SUGGESTIONS IF YOU WANT TO ACCESS THE DARK WEB
The URL of a dark web site does not end in .com, .gov, or any other familiar suffix; instead, it is a random string of letters. Here are a few suggestions; it is recommended not to visit the dark web without taking safety precautions.
- It is recommended to use a secure and no-logs VPN, which will act as a Private Internet Access.
- After installing the VPN app on your computer and logging in, change the VPN protocol to OpenVPN or WireGuard, enable the kill switch, and ensure any leak protection features are switched on.
- Download and install Tor Browser from the Tor Project website.
- After installation, launch the Tor Browser and click Configure Connection.
- In Settings > Search, change the default search engine to DuckDuckGoOnion.
- Under Privacy & Security, tick the following checkbox options:
  - Always prioritize Onion sites.
  - Delete cookies and site data when Tor Browser is closed.
  - Under Permissions: “Block pop-up windows” and “Warn you when websites try to install add-ons”.
- Choose the "Safest" mode from the Security menu. This will ensure that all video files are click-to-play, disable all JavaScript, and block specific graphics.
- Turn on HTTPS-Only Mode for every window.
- In the upper right corner, click the purple Connect button. Once you are connected to the Tor network, you can browse the Dark Web with these protections in place.
Remember:
- Users should be aware of the potential risks associated with the dark web, including the ease with which malware and hackers can compromise their device.
- Although TOR is available on mobile devices, using a smartphone to browse the dark web is strongly discouraged, as this could result in privacy violations and the theft of personal information.
- A user's online behaviour may be easily tracked, and with smartphones, this is made much simpler by the GPS tracking that many apps employ.
- Furthermore, abstain from engaging in any unlawful activity.
- Don't share any personal information. It is difficult to determine whether a website on the dark web is legitimate and safe, because SSL certificates aren't used very often there.
- If you are unable to obtain a recommendation from a reliable source, check the URL with several other sources. Never blindly believe a dark web link.
- Clicking on unfamiliar links should be avoided as they may contain objectionable or dangerous content.
- Remember that the dark web may still be a shelter for criminal activities, and that law enforcement and other government organizations may be keeping an eye on you.
WIDELY USED BROWSER FOR ACCESSING DARK WEB
There is no gate leading into the Darknet's hidden realm; instead, one must navigate via the "Onion Router," or TOR, as it is known. "The Onion Router" (TOR) is an open-source web browser that allows users to remain anonymous. To attain this anonymity, an individual's internet activity is routed across multiple IP addresses and hosts. The word "onion" refers to the layers that the information must pass through because, in contrast to standard web browsing, the computer does not establish a direct connection with the server hosting the website. Instead, the connection passes through a whole chain of servers to provide the highest level of anonymity. By using TOR, users can visit the dark web and stay anonymous on the surface web. As TOR is not infallible, using a VPN is always advised.
When you use TOR to surf the dark web, the journey ends at your destination: the server on which the website you want to load is stored. All that this web server is aware of is the exit node's IP address; it does not need to know about the other servers or your PC. All data packets between your computer and the entry point are encrypted. The entry point receives the encrypted packet, repacks it, and adds the sender IP address and the address of the next TOR node. The packet is then transferred to that TOR node, which does essentially the same thing as the sender: it marks the packet with the sender IP address and delivers the complete contents to the address of the exit node without opening the packet. Because the site only knows the address of the exit node, and each individual node only knows its nearest neighbour, the source device's IP address is kept secure and the user maintains their anonymity.
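The hop-by-hop behaviour described above can be made concrete with a small simulation. This is an added example, not code from the Tor Project or the original article; the relay names, keys and destination are constructed, and a toy SHA-256 keystream stands in for Tor's real cryptography and per-hop key negotiation.

```python
import hashlib
import json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); stands in for Tor's real crypto."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(payload: bytes, destination: str, path: list, keys: dict) -> bytes:
    """Client: add one layer per relay, innermost (exit) layer first."""
    next_hops = path[1:] + [destination]
    cell = payload
    for relay, next_hop in reversed(list(zip(path, next_hops))):
        layer = json.dumps({"next": next_hop, "data": cell.hex()}).encode()
        cell = keystream_xor(keys[relay], layer)
    return cell

def relay_peel(relay: str, key: bytes, came_from: str, cell: bytes):
    """Relay: remove exactly one layer; it learns only its two neighbours."""
    layer = json.loads(keystream_xor(key, cell))
    view = {"relay": relay, "sees_previous": came_from, "sees_next": layer["next"]}
    return layer["next"], bytes.fromhex(layer["data"]), view

def route(cell: bytes, client: str, path: list, keys: dict):
    """Pass the cell along the path, recording what each relay could observe."""
    views, sender, next_hop = [], client, None
    for relay in path:
        next_hop, cell, view = relay_peel(relay, keys[relay], sender, cell)
        views.append(view)
        sender = relay
    return next_hop, cell, sender, views

# Constructed sample data: relay names, keys and destination are hypothetical.
PATH = ["entry", "middle", "exit"]
KEYS = {r: hashlib.sha256(b"constructed-demo-key:" + r.encode()).digest() for r in PATH}

if __name__ == "__main__":
    onion = wrap(b"GET / HTTP/1.1", "site.example", PATH, KEYS)
    destination, payload, server_sees, views = route(onion, "client", PATH, KEYS)
    for v in views:
        print(v)
    print("server sees sender:", server_sees, "| payload:", payload)
```

Each relay's recorded view contains only its two neighbours, and the exit relay recovers the payload in the clear, which is why HTTPS-Only Mode still matters when browsing over Tor.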
As the creators of TOR believe HTTP to be so untrustworthy, they automatically append a certificate to each HTTP connection, turning it into an HTTPS connection.
Hornet (Highspeed Onion Routing Network) and I2P (Invisible Internet Project) are also well-known alternatives to TOR.
DARK WEB IS POPULAR AS A MARKETPLACE OF CYBERCRIMINALS
Drugs, unregistered weapons, credit cards, and stolen or falsified documents: none of these things should be available on the Darknet according to current legislation. More and more, IT experts with nefarious intentions are being recruited over the Darknet. The Darknet is a cybercriminals' paradise, offering everything from virus creation kits and spam campaigns to overload attacks (DDoS attacks) designed to bring down websites and Web services. Payment is usually made with one of several cryptocurrencies, which can also be done anonymously. Several underground forums use a recommendation system to authorize new retailers. Businesses that have been deemed "trusted" by other, operating businesses are granted access to new customers. In certain cases, customers must also wait until they have been approved by the owner and have paid a "membership fee" or deposit before they can read anything on the website or make purchases.
Users must have a working knowledge of the frequently changing URLs in order to access the dark web. They can also utilize a reliable search engine to locate the precise dark web domains. A few items of information that can be obtained through dark web browsing are listed below (Akhgar, 2021; Samtani, 2022).
- Black markets
- Bitcoin and cryptocurrency websites
- Email services, fora, and other forms of anonymous online communication
- Botnets
- Fraudulent or otherwise dangerous dark web sites
PROBLEMS ASSOCIATED WITH DARK WEB
As described below at a high level, there are several problems that need to be considered when looking at the dark web.
- Many Criminal Activities: The dark web has the potential to empower common people but can also aid in criminal activity. The dark web and cryptocurrency make it simpler to execute major crimes like paying someone to commit murder. The deep web has developed into a centre for criminal activities, including the sale of illicit weapons and drugs, contract killings, and the operation of profitable black markets powered by virtual currencies like Bitcoin.
- Privacy Violations: The dark web can be used to breach other people's privacy even while it guarantees anonymity to its users. On the dark web, anyone can swap bank information, medical records, and stolen private images.
- Slower Search Engines: Because there is more stuff to evaluate, deep web search engines operate more slowly than traditional search engines. Effective searches necessitate precise search phrases.
- Ethical Dilemmas: Sensitive personal information from restricted databases may be returned by deep web searches, posing moral conundrums and making people more vulnerable to fraud and identity theft.
DARK WEB MONITORING TOOLS
Illegal underground dark web markets that sell contraband across international borders are often seen as a dangerous feature of the dark web. Below are a few popular tools used for monitoring the dark web.
- Falcon X Recon: CrowdStrike introduced Falcon X Recon, a proactive data collection and intelligence solution that alerts users to fraudulent activity, stolen data, business threats, and tools and exploits that adversaries may be using. By gathering extensive and comprehensive data from digital sources, it improves situational awareness, assisting security teams in identifying potentially dangerous activities and strengthening the protection of their personnel, sensitive data, and brand.
- DarkOwl Vision: a threat intelligence service that uses the Dark Web as a source of data.
- Echosec Beacon: searches the Dark Web for financial and personal information that has been pilfered, as well as compromised account credentials.
- SpyCloud ATO Prevention: prevents account takeover using a threat intelligence database compiled from Dark Web scanning.
LEGALITY WHILE ACCESSING DARK WEB
When someone asks me whether surfing the dark web raises legal concerns, I always say that if someone is performing illegal acts, whether on the surface web or the dark web, it can be considered a crime. It really depends on the purpose or use of the technology. It is not against the law to access the dark web itself. On the other hand, it is unlawful to carry out illicit activities there. It would be against the law to buy illegal narcotics or weapons on the dark web. Keep in mind that national legal systems have different requirements, so when traversing this undiscovered area of the internet, always do your research and make wise choices.
References
Akhgar, B., Gercke, M., Vrochidis, S. and Gibson, H. eds., 2021. Dark web investigation. Springer Nature.
Cluley, Graham. “23-Year-Old Alleged Founder of Dark Web Incognito Market Arrested after FBI Tracks Cryptocurrency Payments.” Hot for Security, 22 May 2024, www.bitdefender.com/blog/hotforsecurity/23-year-old-alleged-founder-of-dark-web-incognito-market-arrested-after-fbi-tracks-cryptocurrency-payments/.
Kaur, S. and Randhawa, S., 2020. Dark web: A web of crimes. Wireless Personal Communications, 112, pp.2131-2158.
Mirea, M., Wang, V., & Jung, J. (2018). The not so dark side of the darknet: A qualitative study. Security Journal, 32, 102–118.
Pawar, Shekhar, and Poonam Pawar. “BDSLCCI.” Notionpress.com, 27 July 2023, notionpress.com/read/bdslcci.
Samtani, S., Chai, Y. and Chen, H., 2022. Linking exploits from the dark web to known vulnerabilities for proactive cyber threat intelligence: An attention-based deep structured semantic model. MIS Quarterly, 46(2).