Going Deeper: Exploring the Deep Web
View research paper: Below the Surface: Exploring the Deep Web
Following the two-year investigation leading to the Silk Road’s takedown in 2013, Ross Ulbricht, aka Dread Pirate Roberts (DPR)—founder and mastermind of the illegal narcotics marketplace formerly run in the Deep Web—was sentenced to not one, but two life sentences in May 2015.
Ulbricht’s billion-dollar black market was, in many ways, the first of its kind, integrating online drug sales and money laundering. However, security experts think that it certainly won’t be the last. Other copycat sites like Agora, Silk Road 2, and Evolution have sprouted since Silk Road’s seizure. Previously, we examined the different networks that guarantee anonymous and untraceable access to Deep Web content, the most recognizable of which is the infamous TOR.
What We Don’t Know about the Deep Web
The Deep Web, simply put, is the unindexed portion of the Internet. It is invisible to everyday users because its pages and elements cannot be reached using typical search engines. The Deep Web is often associated with TOR, Freenet, and other anonymizing networks. All three can be classified as darknets, and are a part of the Dark Web—a section of the Deep Web that requires highly specialized tools or equipment to access.
The Deep Web can best be pictured as a subterranean mining operation in terms of scale, volatility, and access. Certain parts of the Deep Web are unreachable via traditional means, making it a digital safe haven for cybercriminals or those looking for a place to trade illegal goods and services.
Illicit drugs, for example, can easily be acquired in the Deep Web. But contraband isn’t the only thing people are after. We’ve discovered that users can also obtain the following:
- Bitcoin and money-laundering services
- Stolen accounts for sale
- Passports and citizenships for sale
- Leaked details on government, law enforcement, and celebrities
- Assassination services
It is important to note, though, that these are merely just a few of the items being traded in the Deep Web. In addition to the trade of illegal goods and services, cybercriminals also use the Deep Web for their operations. For example, we have seen them use TOR as part of the malware configuration of prominent threats like VAWTRAK and CryptoLocker. They do this in order to avoid detection.
The research paper Below the Surface: Exploring the Deep Web offers a look into the duality of the Deep Web—how its ability to protect anonymity can be used to communicate freely, away from censorship and law enforcement, or be used to expedite dubious or criminal pursuits. It also briefly touches on the Deep Web’s impact on the real world, and offers a forecast on how it could evolve over the next few years.
Visit the Deep Web section of the Threat Intelligence Center for more on the Deep Web and the Cybercriminal Underground
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases