What is the Dark Web? 

The Dark Web is notorious and widely known in the world at large. A decade ago, this might not have been the case. As cyberattacks accelerate and bad actors around the globe seek to connect more quickly with buyers of illicit goods and information, the term Dark Web has entered the lexicon in a prominent way.

According to a description from Tulane University, the United States Department of Defense used the Dark Web as a means of communicating anonymously. Its talent for keeping activity anonymous remains, but now protects malicious actors instead of innocent citizens of a given country.

The Dark Web is a place where sellers of illegal drugs, identities, information (passwords, account numbers, etc.), weapons, and many other illegal forms of physical materials and digital information look to traffic these materials across borders. In terms of cybersecurity, the Dark Web is a place where Ransomware-as-a-Service kits and phishing methodologies are traded and leveraged daily.

We really can’t put too fine a point on this fact: When it comes to cybersecurity in particular, the Dark Web is where attackers obtain the tools they need to disrupt your organization and business. Accordingly, it’s become paramount for security teams all over the world to respond faster than ever.

What are the Types of Darknets? 

There are many types of darknets that can access the Dark Web. A darknet is essentially the means by which a person accesses content on the Dark Web. Let's take a look at some of the more common examples of available darknets:

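  • Tor (The Onion Router) - An open-source toolset designed to enable anonymous communication. Tor sessions redirect traffic through a volunteer network of thousands of relays, which conceal the originating location from network tracking and analysis tools.
  • Zeronet - This is a decentralized network of peer-to-peer users that leverages Bitcoin private keys rather than IP addresses. The private key allows changes to be made that then propagate through the network.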
  • Tribler - This is an open-source BitTorrent client that allows anonymous peer-to-peer connections. 
  • Invisible Internet Project - An anonymous, peer-to-peer solution using over 50,000 volunteer computers to allow random routing paths through the network. The number of possible paths the Invisible Internet Project can offer makes surveillance and tracking unlikely.
  • Riffle - This is a network anonymity tool developed at MIT to address issues related to Tor functionality. It is typically much faster than Tor-based networking.
  • GNUnet - This is a decentralized, peer-to-peer networking framework that operates over the most common connection types and protocols (WiFi, Bluetooth, HTTP/S, TCP, and UDP). It allows for communication, encryption, and peer discovery.

How to Access the Dark Web

In attempting to access the Dark Web, there’s an invisible line that a person acknowledges they’re crossing – or maybe they don’t. Either way, no one is accessing the Dark Web with a sense of optimism.

Tor, for example, uses multi-layered encryption to create anonymous communication over a computer network. Unpacking these layers of encryption is sort of like peeling an onion.
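To make the onion analogy concrete, here is an added example (not from the original page, and not Tor's actual protocol or code): a three-relay path in which each relay removes one layer and learns only the next hop. The relay names, the keys and the SHA-256-based toy stream cipher are assumptions for illustration; real Tor negotiates a separate key with each relay and uses standard ciphers.

```python
import hashlib
import json

# Constructed sample path: (relay name, per-relay key). Hypothetical values.
ROUTE = [("guard", b"k-guard"), ("middle", b"k-middle"), ("exit", b"k-exit")]

def keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode as a stand-in stream cipher (illustration only)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Apply or remove one layer (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def wrap(payload: bytes, route: list) -> bytes:
    """Client side: build the onion from the innermost layer outwards.
    Each layer names only the hop that follows the relay that can open it."""
    next_hops = [name for name, _ in route[1:]] + ["destination"]
    blob = payload
    for (_, key), nxt in reversed(list(zip(route, next_hops))):
        layer = json.dumps({"next": nxt, "data": blob.hex()}).encode()
        blob = xor_layer(key, layer)
    return blob

def peel(key: bytes, blob: bytes):
    """Relay side: remove exactly one layer with this relay's key."""
    layer = json.loads(xor_layer(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def relay_views(payload: bytes, route: list) -> list:
    """Return what each relay learns: (relay, next hop, bytes it forwards)."""
    blob = wrap(payload, route)
    views = []
    for name, key in route:
        nxt, blob = peel(key, blob)
        views.append((name, nxt, blob))
    return views

if __name__ == "__main__":
    for name, nxt, blob in relay_views(b"GET /index.html", ROUTE):
        print(f"{name:6} forwards {len(blob):4} bytes to {nxt}")
```

Only the last relay forwards the plaintext request, and no single relay sees both the sender's position at the start of the path and the final content.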

Is it Illegal to Access the Dark Web? 

This is where things might get just a bit confusing, as the Dark Web is nearly synonymous with illegal activity. Indeed, the vast majority of activity taking place there is illegal.

So, believe it or not, it’s not illegal to access the Dark Web; there are actually reputable brands and companies who have sites accessible via the Dark Web. It can simply be a dangerous proposition to peruse the Dark Web and engage with whoever you may meet, especially if it means revealing any personal data.

What is the Dark Web Used for? 

The Dark Web is used by cybercriminals to buy and sell illegal goods and services, coordinate attacks, distribute malware and phishing kits, and share other prebuilt exploits. But, perhaps a big surprise to anyone thinking the Dark Web is just for criminal activity, it can also be leveraged for legitimate purposes. Let's now take a look at both use cases. 

Legitimate Uses for the Dark Web

There are many authoritarian governments across the globe, and people living under such regimes often need to anonymously communicate. In fact, in such situations it is often much safer for people to use the Dark Web over a virtual private network (VPN).

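Many governmental organizations, several newspapers, and myriad tech organizations have a presence on the Tor network, which keeps their identities anonymous when interacting with the Dark Web. The reason for this could be to show a commitment to privacy or to allow people to pass them information anonymously. 《pg电子》 has a SecureDrop facility on Tor, as does the CIA, which allows a virtual walk-in for anyone who wants to pass them information confidentially.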

Accessing and using Dark Web protocols such as Tor is not illegal; it's just been adopted as the platform of choice by many bad actors who undertake illegal activities.

Nefarious Uses for the Dark Web

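The same protection afforded to those who wish to remain anonymous for legitimate reasons also gives the same anonymity to cybercriminals and to real-world criminals who crave private communications. While the amount of traffic is small compared to the e-commerce taking place on the open web, there is no denying that the Dark Web is a haven for bad actors and illegal e-commerce activities.

The illegal content traded on Dark Web black markets and the illicit activity on the Dark Web span a wide range of activities, and law enforcement agencies and internet service providers (ISPs) spend a great deal of time trying to combat them. Nefarious-use examples include: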

  • Sale of illicit goods on Dark web marketplaces: Recreational drugs, illegal drugs, healthcare drugs (pharmaceuticals legal in some jurisdictions, but not all), firearms, and other items regulated on conventional commerce channels
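  • Cyberattack solutions and information: Sensitive information (like social security numbers, bank account details, credit card numbers) and other personally identifiable information (PII), such as authentication credentials for business systems and personal social media accounts
  • Political activity: Governments making use of bad actors who advertise on the Dark Web to carry out activities they do not want made public
  • General criminal activity: Cybercriminal activity such as money laundering via cryptocurrency transactions, and the sale of stolen credentials for seemingly mundane services like Netflix and other popular web-based entertainment companies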

Many of these illegal activities are transacted using Bitcoin and other cryptocurrencies so that sellers and buyers can remain anonymous. This makes it difficult for law enforcement agencies like the FBI, CIA, and international partner organizations to disrupt illicit activities. It is not impossible, however, as evidenced by the tracking and disruptions of Dark Web networks such as the Silk Road.

Some additional examples of materials for sale on the Dark Web could include: 

  • Financial information: This is data that details access to bank accounts, wealth-management information, investments, and other private monetary information related to individuals or businesses. 
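  • Governmental secrets: This category includes any information pertaining to a nation's defense or active military/cyber-intelligence operations.
  • Trade secrets: This type of data represents information about how a business maintains its competitive advantage in its industry.
  • Physical materials that aid in theft: An example of this category would be a “skimming” device that steals credit card data from point-of-sale platforms.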

What is the Difference Between the Deep Web and the Dark Web? 

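The difference between the Deep Web and the Dark Web doesn't necessarily lie in the “findability” of the information that exists on either, as both types of online information repositories are characterized by data that is not indexed by search engines such as Google or Bing. The main difference can be described by the following two aspects: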

  • Legality of content: Illegal content of the type we discussed above is the primary material available on the Dark Web. If you have the right browser to access dark sites, it then becomes possible for bad actors to come into contact with malicious content and potentially purchase it, should they so desire – without any roadblocks in between.
  • Accessibility of content: That brings us to the differentiator between the Dark and Deep Web: accessibility. Content on the Deep Web typically isn’t of the nefarious sort, but it is usually gated. Examples of this would include private/encrypted files, content only available to paying customers or subscribers, and internal networks like a company intranet.

These differences aren’t necessarily clear-cut, as there are overlapping aspects between the Deep and Dark Web. In contrast to the surface web (also known as the open web), where anyone with an internet connection can access public-facing websites all over the world, the Deep and Dark Web are attempting to house information that doesn’t necessarily want to be found. Therefore, it’s likely that not all deep- and dark-web file repositories represent good intentions.

As stated earlier, neither of these connected content repository networks is illegal to access. Indeed, cybersecurity organizations must frequently access them when threat hunting or when defending their own networks or those of their customers.

For instance, if a threat actor is in possession of stolen data from a large healthcare provider, security personnel acting on behalf of the company will likely conduct much of their investigation across the Dark Web. Threat intelligence gathered from the Deep and Dark Web is likely to help future threat hunting teams when analyzing telemetry from beyond their own networks, such as the Deep and Dark Web.

How to Protect Yourself from the Dark Web

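These days, it can seem increasingly difficult to protect valuable assets and data from threat actors. This is particularly true for enterprise organizations working with sensitive data in key sectors like healthcare, energy, and finance. That’s why it’s more critical than ever to go on the offensive.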

Gain Visibility into Hacker Communities

Cybercriminals lurk in the dark web to methodically coordinate their attacks, sell illicit goods, distribute malware and phishing kits, and share other prebuilt exploits. Go behind enemy lines to identify threat actors and their intentions at the earliest stages so you can properly prepare your defenses.

Get Early Warnings of Targeted Attacks 

With proper monitoring resources, you can gain visibility into threat actors and their activities. This includes accessing restricted channels and automating intelligence gathering to anticipate attacks targeting your organization, employees, and customers.

Discover New Hacking Tools and Ransomware Kits

Monitor exclusive dark web forums and the private channels of threat actors. In this way, you’ll uncover new cybercriminal tactics and tools used to automate attacks, test for weaknesses, and scam your employees and customers. It’s important to step into their shoes to understand how perpetrators can and will attack you.

Understand and Engage Your Adversaries

It’s critical to use a Dark Web monitoring solution that can keep a continuous eye on your adversaries and engage with threat actors. From these activities, the solution should be able to gather data samples, uncover motives, and help you deploy smarter cybersecurity workflows.
