Popular media often depicts “The Dark Web” as a place of criminal activity that no law-abiding citizen would need to visit. The dark web certainly does offer criminals a platform to ply their trades, but it also guarantees a high level of anonymity and security for individuals to exercise their free speech rights without fear of retaliation from corrupt government officials, or to engage in secure financial transactions away from prying eyes. Most businesses still shun activity on the dark web, but in doing so they may be missing out on a certain value that the dark web has to offer.
The Structure of the Internet
What we refer to as “the internet” can be roughly divided into three layers: the surface web, the deep web, and the dark web. The surface web, which is where most users have interactions, accounts for less than 5% of all the information on the internet. The deep web comprises approximately 90% of all internet information, including government and academic resources, legal documents, and medical records, none of which are indexed in search engines such as Google or Bing. The dark web lies at the very bottom of the internet, where drug trafficking, illegal pornography, and other illicit activity takes place.
Deep and dark web resources can be accessed with a TOR browser. “TOR” is an acronym for “the onion routing” project, which was pioneered by government and law enforcement agencies in the early 2000’s in order to share information more privately. TOR activity is routed through huge networks of interconnected computers, which effectively shields a user by eliminating any connection between his actions and a single identifiable IP address.
Legitimate Dark Web Usage
Dark web communications are largely credited with facilitating the Arab Spring uprising in 2010 and 2011. Citizens of certain Middle East countries were able to use the Dark Web to anonymously exchange messages that would otherwise have led to their arrest and detention if government agencies had intercepted them.
Further, whistleblowers who seek to uncover corruption or wrongdoing but who fear for their freedom or their lives can download information into services like “Dead Man Zero” and other dead-man switches that promise to release that information in the event that they do not log in to the service periodically. The dark web has also given rise to Bitcoin and other block chain cryptocurrencies that individuals and businesses alike can use in legitimate ecommerce transactions where the stability of a traditional currency may be an issue. Microsoft, PayPal, and Dell Computer all currently accept Bitcoin as payment for their products.
The Dark Side of the Dark Web
Notwithstanding the potential benefits that the dark web has to offer in terms of privacy and information security, those same benefits attract cybercriminals who anonymously buy and sell their data breaching expertise to hackers, who then use that expertise to breach enterprise information systems and to steal corporate and user data. Shutting down the dark web and the anonymity that it offers is no longer possible. Accordingly, every enterprise needs to maintain a heightened sense of awareness of the increased risk of hacking that is made possible by anonymous exchanges of information and hacking methodologies among cybercriminals on the dark web.
That risk will always be present regardless of the firewalls and data security procedures implemented by an enterprise. A robust cyber insurance policy will help an enterprise to recover the financial losses it might experience in the event of a successful cyberattack on its information systems. Those losses may be connected to servers that are damaged or destroyed, customer data that is stolen by a hacker, or fines that are levied against an enterprise by regulatory agencies if the breach is perceived as a failure to erect required protections over customer data. Cyber insurance may not be able to cast light upon dark web activities, but it can keep an enterprise alive after it has suffered an attack that was made possible by dark web resources.
