What lies underneath the Internet?
The Dark Web is an incredibly sophisticated marketplace, with customer satisfaction ratings, but it is also a market for stolen data and companies need to be aware of this.
Even chief executives are afraid of the dark now. Just as they have taken their heads from under their corporate duvets to get to grips with the Internet, a shadowy online force could be their undoing.
Created to give publishers of its content absolute anonymity, the Dark Web has instead become a ‘subculture of trolls and pornographers, drug dealers and hackers, political extremists and computer scientists, Bitcoin programmers and self-harmers and libertarians and vigilantes’. That’s according to Jamie Bartlett, director of The Centre for the Analysis of Social Media at think tank Demos and author of the book The Dark Net.
He paints it as a ‘vast and often hidden network of sites, communities, and cultures where freedom is pushed to its limits and where people can be anyone or do anything they want’. It is ‘as creative and complex as it is dangerous and disturbing,’ he adds, and it is ‘much closer to everyday life than anyone outside it thinks’.
Investigators say entire customer databases of companies are frequently offered for sale there – all paid in untraceable Bitcoins. DIY corporate hacking kits are also on sale. A Portsmouth University study, however, found that the most commonly requested content was child pornography, while the Dark Web’s Wikipedia entry states it is used by paedophiles and terrorists and can contain sexualised torture and killing of animals and revenge porn.
‘You can buy submarines, drugs, weapons, people, security passwords and credit card numbers,’ says Steve Shepherd, head of cyber risk at investigations and cyber security consultancy Animus. ‘The amount of data on it is truly enormous. The last estimate I saw put its size at 7,500 terabytes. The regular Internet only takes up about four per cent of that.’
Communication on the Dark Web is highly encrypted, allowing users to talk, blog and share files confidentially and untraceably. Given that it’s virtually impossible to even find who has posted damaging material, let alone get it removed, it’s easy to see why this would give communicators nightmares.
But should we really be afraid of the Dark Web? What exactly is it? How does it work and what can be done to safeguard companies from untraceable reputational harm committed on its servers? Any understanding of this starts with accurate definitions, believes Dave King, chief executive of online reputation and digital intelligence firm Digitalis Reputation.
Although the Dark Web or Net and the Deep Web are often used interchangeably, they describe different things, with the latter concerning portions of the Internet that, though easily and publicly accessible, are not indexed.
The Dark Web, meanwhile, is a collective description of many servers and sites that are encrypted to avoid unwanted detection. Some exist on networks and are accessed by freely downloadable purpose-built browsers such as The Onion Router (Tor) and Invisible Internet Project (I2P). Others reside on standalone servers, published via an Internet protocol address without a memorable www address or any other way to find them.
Because the data on them is encrypted, even if someone beyond their narrow, specific user-base were to happen upon the location, they would not be able to decipher the information. ‘By definition, sites are often built not to be found,’ says King. ‘Narcotics, paedophiles and firearms are increasingly active on the Dark Web but so too is the hacking community. There are state-sponsored hackers; opportunists or hobbyists and hacktivists.’
Dark Web sites can vary enormously in sophistication. One analyst says their design often looks like the Internet of ten years ago. However, they can also be sophisticated retail marketplaces with shopping trolleys to purchase hacking or other illicit services.
James Chappell, chief technology officer at Digital Shadows, a London digital risk monitoring company, even believes that some Dark Web sites are superior to Amazon.com. ‘Ironically, reputation plays a critical role in the criminal economy,’ he says. ‘It’s very easy to get ripped off on the Dark Web so there are peer-to-peer ranking systems like those on Uber and Airbnb.
‘Cybercriminals are innovating at a rate that almost outstrips the regular digital world. Some Dark Web sites provide fantastic customer service because when you place an order on the Dark Web, you need to know whether you can trust the supplier. Pretty much all Dark Web sites have some sort of reputation infrastructure built into them to ensure that consumers and vendors are able to conduct business in a meaningful way.’
Shepherd has seen Dark Web sites where people buying credit card numbers are given five or ten for free, just to prove they work. All this makes the Dark Web a major threat to corporates, says Liviu Arsene, senior e-threat analyst at Internet security firm Bitdefender.
‘Dark Web services like Tor have been built for privacy,’ he says. ‘They’re designed to circumvent any sorts of censorship or filtering at the Internet service provider level. These filtering mechanisms might make specific data loss prevention solutions not work, which could have devastating effects on sensitive corporate information. By using Tor, disgruntled employees could transfer proprietary information without authorisation to secure drops or to third parties without raising any red flags with the IT team.’
Knowledge of the Dark Web is said not to be strong among in-house corporate communicators and public relations agencies.
‘I am afraid the Dark Web doesn’t really come up at all in my work,’ says one head of technology at a major London corporate communications agency who regularly gives presentations on cyber risks. ‘I advise clients generally on cyber security from a risk and reputation perspective.’ That might seem shocking, given how rapidly the Dark Web is developing.
An increasing number of firms now offer protective services, ranging from collecting its data to producing locking software that protects credit cards and bank account details. Blockchain technology can also be used to encrypt corporate data and divide its storage across a range of networks to protect it from hackers.
Digital Shadows offers ‘cyber situational awareness’ services that help organisations protect against attacks on the anonymous and private web, and Chappell believes communicators and other executives would benefit from gaining access to the Dark Net to gauge the risks that exist there. ‘It’s definitely worth exploring,’ he says. ‘It depends what type of business you are. If you know what’s going on around you, you can make better, smarter decisions and are better placed to respond. We provide a service where corporates can go and look at content on the Dark Web and monitor mentions of their assets, employees and other things that are important to them.
‘Removing content is exceptionally challenging, so it’s better to respond to what you find there. If credit card numbers are published, banks can get them stopped. If passwords are being sold, they can be reset. And if there’s a threat to one of your people, you can brief them so they’re more aware of what’s going on.’
Shepherd warns against communicators intervening personally. ‘Threats to corporate reputations are actually less of an issue on the Dark Web than on the open Internet,’ he says. ‘Companies do need to worry about the Dark Web but what they need to worry about is that it is a market for stolen data.
‘It’s a place where you hide illegal activity and there’s no equivalent of Google. A danger at the moment is that executives at some organisations are trying to access the Dark Web to see what goes on there and ending up getting their company systems infected by Trojan viruses.
‘We put up a big red flag against that. We’ve seen the results of people reading on the Internet that all they need is a Tor browser to get onto the Dark Web. They often end up being encrypted and losing all their data. Corporates should make it clear to staff that this is a prohibited group of sites that they should not be attempting to enter.’
A gut reaction is to lobby governments to shut down the Dark Web activities and they have indeed shut down versions of the Silk Road marketplace, best-known for selling illegal drugs. However, Shepherd warns: ‘You can shut individual components but the nature of the Dark Web is autonomous units so unless you capture every unit, it will keep working.’
Chappell says illegal activities account for a tiny proportion of what is on the Dark Web, much of which has legitimate origins. Tor, for example, was actually set up by the US Navy to help officers send messages home anonymously and is still believed to receive some US government funding, alongside finance from non-governmental organisations and civil rights groups.
‘The vast majority of the use of Tor and I2P technology is perfectly legitimate. On Tor alone, there are about 60,000 dot-onion websites and only a few hundred where there are trades. It really is a very small proportion,’ says Chappell.
‘Companies need to think of this as the criminal Internet, rather than just the Dark Web, because criminality is all over the Internet, not just on Tor and I2P. I think we have demonised the technology whereas in reality we’re just seeing the digitalisation of crime.’
Libertarians also say that making accessing the Dark Web a crime would have implications for privacy, freedom of speech and democracy as political dissidents use it to communicate and build movements for laudable and lawful protest and reform. Facebook, for example, is said to have established a presence over Tor as part of chief executive Mark Zuckerberg’s commitment to freedom of dialogue in nations with restrictions on open expression.
King says intelligence gleaned from the Dark Web can also assist corporations in combating hacking attacks. Before such attacks, there is commonly chatter amongst the criminal hacking fraternity on the Dark Web, with spikes evident around corporate announcements. If a company is in the news for damaging the rainforest or treating consumers unfairly, there may be calls on the Dark Web to cyber-attack them.
Hackers also like to punish hubristic chief executives who boast about how strong their cyber defences are. Some government agencies and cyber security firms therefore establish avatar personas with which to engage in the Dark Web so they can pose as customers and identify likely attacks.
After attacks, the Dark Web can also be trawled to try to trace stolen company or consumer data on sale there.
As for where the Dark Web goes from here, experts expect there to be increasing demand from regular Internet users for more privacy online, noting that there was a surge in registrations for private email after President Trump was elected last year.
‘I think that portions of the Dark Web are going to become legitimised,’ says Shepherd. ‘It depends on how many restrictions are overlaid onto the standard web. As soon as people see that is being inhibited in any way, they will simply move onto dark sites.’
This article first appeared in issue 112