Shining some light on the Dark Web
By Eric Chan July 11, 2016
- The hidden layers of the Internet are a hive of criminal activity
- Here are five tips to stay safe
MOST Malaysians learnt about the Dark Web following the recent shocking revelations that British paedophile Richard Huckle had sexually abused up to 200 children in Malaysia over a few years, and that he had taken horrific pictures and illicit videos and posted them on the Dark Web.
Many experts believe that only approximately 30% of the Internet is indexed by search engines such as Google, while the remaining 70% is not searchable. This part of the Internet is most commonly referred to as the Dark Web.
The Dark Web, Deep Web, Hidden Web, or Invisible Web are the non-indexed parts of the Internet. This includes websites, chat channels, forums, and FTP (file-transfer protocol) sites accessible only through a series of high-level passwords and secret codes, known mostly to the underworld of cybercriminals.
Within the Deep Web are layers of abstraction that are differentiated by content, secrecy and difficulty in accessing them. The Dark Web is what lurks out of sight and beyond the reach of common Internet users.
The World Wide Web is divided into five levels:
- Level 1: The common or ‘Open to the Public’ part of the Internet or Web.
- Level 2 – Surface Web: This includes services such as Reddit, Digg, and temporary email services. It is essentially a communications platform, where you find chat boards and other social enabling content. It is not difficult to reach or obscured in any fashion.
- Level 3 – Bergie Web: This includes other services besides WWW or Web services such as Internet newsgroups, FTP sites, honeypots, Google-locked results, and other sites such as 4Chan. Again, this level is relatively simple to reach if you know where you are going.
- Level 4 – Charter Web or Deep Web: This layer consists of hacker groups, banned media, activist communications, and other darker layers of online society. Sites on this layer are not found using typical Web search engines. To access these sites, you must be invited by an existing member.
- Level 5 – the Dark Web: This is where access is strictly via TOR network or other private networks. There is a variety of legal and illegal content on these sites; the latter may include illegal materials such as drugs, human trafficking, bounty hunters, rare animal trade, hacker exploits, and other black market items and topics. The Dark Web is also referred to as the TOR network.
What is TOR?
TOR, short for The Onion Router, refers to both the software installed on one’s computer to run TOR, and the network of computers that manages TOR connections.
TOR enables one to route web traffic through several other computers in the TOR network so the party on the other end of the connection cannot trace the traffic where it originated.
As the name implies, TOR creates a number of layers that conceal your identity from the rest of the world.
TOR makes it possible for users to hide their locations while offering various kinds of services. By using TOR ‘rendezvous points,’ other TOR users can connect to these hidden services, each without knowing the other’s network identity.
Whenever we log onto the Internet using our computers, smartphones or tablets, we would invariably leave a trace as each device has a unique IP (Internet Protocol) address. It is like an online fingerprint which ultimately can be traced either by law-enforcement authorities, or worse, cybercriminals.
As users, we have no control over the way a website secures our login data. Therefore, it is important that we secure our personal information.
Here are simple security tips to help Internet users minimise the risk of personal data compromise:
1) Update your web browser
Cyber-attackers usually target flaws and vulnerabilities in outdated browsers and plugins. It is always a good idea to have your web browser update automatically by enabling the feature on the browser.
2) Change passwords regularly
The password is the first line of defence against cybercriminals’ unauthorised access. For important websites such as banking, social accounts, and email, one must never recycle the password. Change these passwords as frequently as possible.
A good and strong password always revolves around complexity. The more intricate it is the better. Lengthening and combining numbers, symbols and letters in both uppercase and lowercase are good practices.
3) Data encryption
Securing sensitive data must be a top priority. Consider encrypting your data with advanced encryption tools which will help prevent unauthorised individuals from reading confidential files or messages.
4) Be wary of public WiFi
The nature of a public WiFi network is open and thus, the network could be full of compromised devices or the hotspot itself could be malicious.
If you are planning to get connected to a public WiFi network, avoid doing anything that involves sensitive information such as online banking even when the sites are encrypted with HTTPS.
5) Filter what you share on social networking sites
The Internet offers numerous platforms for people to interact and share information with one another. Undeniably, it is relatively easy to get caught up with the social aspects of sharing too much information on your social media.
It’s up to you
Always practice self-regulation whenever you are on the Internet. Be mindful of what you say or share with others.
Information about yourself such as name, age, birthday, address and location should be kept private. Such personal data may provide valuable clues for cybercriminals to crack your security verification.
Eric Chan is Fortinet’s solution consulting director for South-East Asia & Hong Kong.
Of the Dark Web, online sex offender registries, and paedophiles
Unpeeling the Dark Web with OnionCity
McAfee report looks at ‘dark web’ industry, data breaches
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.