#howitworks: The Dark Web


The #howitworks series aims to help readers to gain a basic understanding of important technologies and related security implications. This series is a part of Cybersecurity Awareness Month, which is dedicated to raising awareness about cybersecurity issues and data protection.


The rise and fall of Silk Road

While Ross Ulbricht was earning his master’s degree at Penn State University, he was struck with an idea. What if there was a website that allowed people to buy anything in a completely anonymous way? In February 2011, Ulbricht became the mysterious user Dread Pirate Roberts, the creator and operator of the Silk Road site. Silk Road became the first digital black market in the modern technological age. In many ways, the site offered features similar to legitimate ecommerce websites like Amazon, such as publicized customer ratings and feedback. However, in addition to offering legal items such as books, art, and clothing, Silk Road offered computer hacking services, illegal drugs, and weapons.

In the 2 years that Ulbricht operated Silk Road, the site amassed more than 100,000 buyers and generated over $1 billion in sales. In October 2013, FBI agents shut down Silk Road and arrived at a public library to arrest Ulbricht, who was sitting in the science fiction section and using the free Wi-Fi to log onto the site. At the time of Ulbricht’s arrest, he had earned an estimated $420 million from the marketplace transactions.

Deep Web vs. Dark Web: An Important Distinction

So why did it take 2 years for law enforcement to shut down Silk Road? Primarily because Silk Road did not operate within the open internet, but rather within a hidden subset of the World Wide Web. This part of the internet, known as the dark web, is undetected, anonymous, and exclusive.

The deep web is the so-called underworld of the internet that is hidden from search engines such as Google and Bing. Users cannot access the deep web via conventional browsers. The deep web is often described as the part of an iceberg lying underneath the surface of the ocean, which is analogous to the fact that the deep web cannot be accessed through the public internet. While the deep web is usually considered a hub for online crime, this part of the internet can also include legitimate pages such as private databases, password-protected consumer and medical sites, and government indexes.

The dark web is often used synonymously with the deep web, but it is actually the smaller part of the deep web that facilitates private communications. Returning to the iceberg analogy, if the deep web is the entire portion of the iceberg beneath the water’s surface, then the dark web constitutes the very bottom of the iceberg. The dark web is intentionally hidden, and its encryption-based services make it a very popular platform on which users can buy and sell illegal goods and services.

How does the dark web work?

In order to access the dark web, users must download a special type of browser called The Onion Router (Tor). Tor browsers can actually be used to access the public web, though they are primarily used to connect to the dark web. While many public websites have the domains “.com” or “.edu,” the dark web sites accessible via Tor browsers share the domain “.onion.” Additionally, Tor site names are extremely difficult to memorize because they consist of random alphanumeric strings. Many organizations have made these so-called onion sites. For example, the CIA’s onion site can be reached at ciadotgov4sjwlzihbbgxnqg3xiyrg7so2r2o3lt5wz5ypk4sxyjstad.onion.

Why is the dark web so effective at helping users remain anonymous? The answer is layered encryption. Specifically, Tor networks bounce service requests through numerous servers, known as nodes, adding many layers of encrypted data so that the transmitted information is extremely difficult to decrypt. These nodes are like layers of an onion, passing browsing requests through until they reach the destination sites. These private computer networks are frequently known as darknets, and they facilitate communication between users without tracking information like user location or IP address.
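To make the layering concrete, the following added example (not part of the original article, and not Tor's actual cryptography) wraps a request in three layers and has each node peel exactly one. The node names, keys, destination and the toy cipher (XOR with a SHAKE-256 keystream plus an HMAC tag) are all assumptions chosen so the sketch runs with the Python standard library alone.

```python
import hashlib
import hmac
import json


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and authentication keys derived from one node key.
    return hashlib.sha256(label + key).digest()


def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher for illustration only; real Tor does not use this.
    stream = hashlib.shake_256(_subkey(key, b"enc")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """Add one layer: encrypt (next hop, inner blob) under a single node's key."""
    body = json.dumps({"next": next_hop, "inner": inner.hex()}).encode()
    ct = _xor_stream(key, body)
    return hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest() + ct


def peel(key: bytes, blob: bytes):
    """Remove one layer; fails unless the layer was sealed for this key."""
    tag, ct = blob[:32], blob[32:]
    good = hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("layer was not sealed with this node's key")
    layer = json.loads(_xor_stream(key, ct))
    return layer["next"], bytes.fromhex(layer["inner"])


def build_onion(path, destination: str, message: bytes) -> bytes:
    """Client side: wrap innermost (last node) first, outermost (first node) last."""
    next_hops = [name for name, _ in path][1:] + [destination]
    blob = message
    for (_, key), nxt in zip(reversed(path), reversed(next_hops)):
        blob = seal(key, nxt, blob)
    return blob


def route(path, blob: bytes):
    """Each node peels its own layer and learns only where to forward next."""
    seen = []
    for name, key in path:
        nxt, blob = peel(key, blob)
        seen.append((name, nxt))
    return seen, blob


# Constructed sample path and keys (hypothetical nodes).
PATH = [("guard", b"k-guard"), ("middle", b"k-middle"), ("exit", b"k-exit")]
```

Only the first node sees the sender and only the last sees the destination; the node in between learns neither, which is the property the onion analogy describes.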

Uses of the dark web

The Silk Road case serves as a demonstrative example of how the dark web can be used, but what other cases exist? Below are some of the most well-known occurrences on the dark web – some of these may be surprising!

  • Edward Snowden – The world is familiar with the story of Edward Snowden, the former NSA and CIA employee-turned-whistleblower who leaked classified information about global surveillance programs. But how did he publicize this top-secret data without detection? Snowden, using the codename Verax, leveraged the dark web to establish encrypted email channels with journalists and sent them sensitive documents regarding the NSA’s PRISM surveillance program.

  • The capture of Ngô Minh Hiếu – Ngô Minh Hiếu, a Vietnamese hacker and international criminal, used the dark web to execute one of the largest identity theft schemes in history. Specifically, he hacked enterprise databases, stole personally identifiable information (PII) of 200 million US citizens, and sold the data to cybercriminals on the dark web. However, although the dark web helped facilitate Hiếu’s crimes, it also led to his downfall. In February 2013, the US Secret Service used the dark web to entice Hiếu to travel to Guam for a “business deal.” He was then arrested and sentenced to 13 years in US prison.

  • Operation DisrupTor – Operation DisrupTor was one of the biggest international dark web takedowns in history. The operation was a collaborative effort by many US law enforcement agencies to target drug traffickers operating on the dark web. Operation DisrupTor culminated on September 22, 2020, when local law enforcement in 6 countries arrested 179 drug traffickers, confiscated 500 kilograms of drugs, and seized USD 6.5 million in cash and cryptocurrency.


Want to learn more about a specific technology during Cybersecurity Awareness Month? Leave a comment down below with your suggestions!

