Like billions of others, you probably use the Internet to find answers, buy consumer goods, communicate with others, enjoy leisure activities, and meet your professional responsibilities.
But how much do you really know about this vast, modern-day version of the Library of Alexandria?
For example, are you aware that the Internet you use is the “surface” web, and that it comprises only 4% of the entire network? Search engines index websites on the surface web, and these are the pages you see and use.
What about the remaining 96%? This is what’s known as the “deep web.” The deep web comprises the “gated” internet, or to put it simply, pages that aren’t easily accessible. The terms deep web and dark web are often used interchangeably. However, this is erroneous, because the two are not the same. Read on to learn more.
What Is The Surface Web or Clear Web?
On the internet, do you:
- Search on google?
- Read the news?
- Online Shop?
- Play games on Sporcle?
You access these and many other websites through an Internet browser like Firefox, Chrome or Internet Explorer, or through a search engine like Google. All these sites are part of the surface or “clear” web.
But if you think the surface web is a vast place, think again. The surface web is like a small lake compared to the vast ocean that is the deep web. Where the deep web accounts for approximately 7,500 TB of data, the clear web is only responsible for a mere 19 TB which is equivalent to 980,000,000 websites.
The Iceberg Analogy: How do they fit together?
Both the clear and deep web can be accessed through any regular browser but, as noted above there are distinct differences between the two. Despite this, they work together to provide the world’s most powerful websites. How can you best describe their compatibility? The Iceberg Analogy.
Many describe the deep web as the part of an iceberg that’s below water and the clear web is what’s visible above water. As many know, the iceberg illusion refers to the much larger portion of the iceberg that’s hidden beneath the water, just like the deep web.
To take the analogy one step further, the portion of the iceberg beneath the water serves an important role in supporting the tip of the iceberg. If the deep web didn’t support sites on the clear web, the clear web would not exist or be useless.
What Is The Deep Web?
The deep web comprises all the pages that are not indexed by search engines, and are therefore not visible on Search Engine Results Pages (SERPs). The likelihood that you’re using the deep web daily is high because the deep web doesn’t just refer to websites protected by passwords. It also includes websites that simply choose not to be ‘crawled’ by search engines.
The deep web contains data or content that’s stored in databases and that support services on the surface web, e.g., social media platforms or bank websites. Even parts of subscription paid subscription services like Netflix are on the deep web. Further, this content is usually password-protected or placed behind a paywall.
To access such pages, users must either know the account credentials or have a specific URL or IP address. Thus, although these pages are not technically “hidden,” they can be challenging to find, unless you know how to look for them. Yet, the deep web doesn’t just contain private databases, it also contains illicit goods and services, or what we like to call the dark web. But this is where it gets a little tricky, the dark web is considered part of the deep web because they are both not indexed by search engines. However, the two are not indexed for distinct reasons: for the deep web, it’s due to the pages being hidden behind login walls whereas for the dark web, these pages are not indexed because they are accessible on a different network (but more on that later).
Interestingly, many discuss the importance of dark web safety but, to the average internet user, deep web safety is more relevant. Particularly, due to the fact that you don’t need a special browser to search the deep web and therefore, you can end up on more dangerous web pages accidentally.
What Is The Dark Web?
If you’ve ever read anything about the dark web, you probably already know that the dark web was home to Silk Road, an online black market for illegal drugs. All transactions were carried out with bitcoin, ensuring the anonymity of both buyers and sellers. By the time it was shut down in 2013, Silk Road had handled over $1.2 billion worth of illegal goods and services.
The Silk Road was just one of dozens of dark web marketplaces that have cropped up over the years. To add complexity, many dark web marketplaces are mirrored, which allows malicious actors to mimic “legitimate” dark web markets and steal information from unaware would-be purchasers.
Although many people think of Silk Road when they hear the term, ‘the dark web’. There’s two critical pieces we must consider when defining it (that somewhat overlap):
- The dark web is defined by it’s restricted/anonymous access usually involving heavy encryption (TOR, Maybe signal Telegram, OpenBazaar, etc)
- The dark web is also defined by it’s communities – wherever those malicious group exchange information and complete transactions is where darkweb is. This concept alludes to the fact that the dark activity could also happen on the regular internet (referring to the internet that we can access using Chrome, Microsoft Edge, FireFox… etc.)
The dark web relies on connections between trusted peers and provides a degree of user anonymity since almost all transactions are carried out with cryptocurrencies like bitcoin, and the TOR network essentially prevents user tracking. It is these qualities that make it a haven for all kinds of criminal and illegal activity.
Dark Web Vs Deep Web
Especially to those that have not heard of the deep web before this guide, sometimes it is hard to differentiate between the dark web and deep web. Here’s a few pointers when talking about the dark web vs deep web.
The dark web is a part of the deep web. Most likely the easiest way to differentiate the two is by the type of content and activity. The dark web is where the genuinely dark (pun intended!) stuff takes place and only consists of thousands of sites. On the other hand, the deep web mostly consists of private files or subscriber-only databases rather than illegal information and it’s fair to say it’s much larger than the dark web.
|Dark Web||Deep Web|
|What is it?||Part of the deep web, intentionally hidden for illicit activity.||Part of the internet hidden from search engines.|
|Type of Content||Illegal transactions of goods and services, blackmarkets, stolen information||Private files, Subscriber-only databases|
|Size||5% of the internet||96% of the internet|
|Browser||TOR, I2P||Chrome, Firefox, Microsoft Edge,…etc.|
|Access||Gated with a different access protocol and heavy encryption, resulting in hidden IP addresses||Gated with credentials and login walls|
|Privacy and Anonymity?||Yes||Yes|
The dark web is even more challenging to access than the deep web since it requires specialized software, tools, and browsers. Two such popular tools are Tor (The Onion Router) and I2P. Ironically, the original onion routing technology behind Tor was developed by the U.S. Navy.
What Information Is Available on the Dark Web?
Virtually any kind of illicit, illegal, or criminal information not available on the surface web is available on the dark web. This includes stolen credit card numbers, medical information, bank account data, and personally identifiable information (PII). Not only can the information available be a company’s breached credentials from a malicious actor, but it can also be shared information from an employee’s accidental leak. There’s countless sources that cybersecurity teams need to monitor and scan in order to get the full view of your digital footprint. Without an efficient solution, information leaks can be easily missed, particularly, due to the wide variety of information leaks that your team may not be tracking.
What are the types of content available on the dark web? Although some might be more important than others, these contents can be incredibly valuable, depending on its sensitivity and volume. According to an investigation by Privacy Affairs, the average price of a cloned American Express credit card with a PIN is just $35. Still, if a hacker manages to steal thousands or millions of instances of card information, the payout can be massive. The average price of a hacked Coinbase verified account is much higher at $610. A criminal who compromises even 100 such accounts can expect to earn upwards of $60,000. These are rather common examples but, there are several things that malicious actors could be doing with your data.
Everyone from identity thieves, financial fraudsters, money launderers, drug cartels, murderers for hire, and human traffickers buy stolen data on the dark web. However, it’s not just information that’s such a popular currency on the dark web. Drugs, weapons, pornography, malware, and ransomware are all bought, sold, and traded in huge numbers. Buyers and sellers are protected by Tor, data encryption, and of course, cryptocurrency.
The Dark Web and Cybercrime After COVID
Since the outbreak of COVID-19, cybercrime has increased, and the dark web has played a part in this development. Threat actors have taken advantage of the chaos, panic, and worry following the pandemic to:
- Launch malware attacks against organizations. Particularly, as organizations’ attack surfaces have grown and are more susceptible to malware attacks due to work from home. In fact, Deloitte has reported that Switzerland had close to 350 cyber attacks in April 2020 when normally they average 100-150 cyber attacks.
- Encrypt their data and systems with ransomware and demand considerable ransoms to release these assets. In fact, our research team has found that ransomware attacks in 2021 have increased by 437% (from 2020 to 2021).
- Steal passwords and other credentials via phishing attacks and more
Is the Dark Web Good for Anything?
Surprisingly, yes. The same anonymity that protects criminals also helps protect the privacy of those who may otherwise be persecuted for their opinions, beliefs, or even identities. Similarly, the deep web is used for privacy and anonymity. Keeping your personal information private, along with other information you want to keep hidden.
Clear, deep, and dark web monitoring are crucial for companies in today’s cybersecurity environment. If you are concerned about your digital footprint, consider Flare’s Digital Risk Protection Platform. We enable your analysts to automatically scan the deep and dark web for threats, with real-time alerting and an AI driven prioritization engine to cut through the noise.