How Criminals Use the Dark Web for Illicit Activities

If not for hackers grabbing headlines every other day, we probably wouldn’t be talking about this topic. It wouldn’t have been as interesting. In fact, you would’ve never even noticed or known that there’s something called the Dark Web.

So what exactly is the Dark Web? To understand that, you first need to know what the “Deep Web” is. The Dark Web and Deep Web are different things and not a lot of people actually know that.

Let’s first start with the Internet that you know of in your daily lives. This is the traditional mobile web and Internet used by zillions of people worldwide. There is very little anonymity in these parts of the Internet. IP addresses are logged and cookies help marketing firms analyze user behavior and then annoy you with targeted advertising. The Internet as you know it is just the tip of the iceberg. A little piece of the whole thing. So when you’re browsing the Internet or hanging out at your favorite social media site, you’re barely scratching the surface of the Internet. You might wonder how that’s possible because Google is essentially the window to the World Wide Web, right? Not really. The sites that are known to Google, and hence to you, are just the sites that Google has “indexed”, meaning it has been there and kept track of the site.

And that brings us to the definition of the “Deep Web”. The Deep Web is that part of the Internet that is not indexed by Google. It’s hidden from the world and undiscoverable by standard search engines. So Google (or any other search engine) doesn’t know these pages exist and they don’t show up in Google search results. What pages might these be? Internal pages from your Internet Banking site or other such internal post-login pages, dynamic pages, and such.

Finally, we come to the “Dark Web”. This is the part of the Internet that is almost completely anonymous. You cannot access this part of the Internet with your standard web browser like Chrome or Firefox. One such pocket in the Dark Web is “TOR” (The Onion Router). You might have heard of TOR before. It’s used by cyber activists and cyber criminals alike.

TOR is a special anonymous network. Let’s say Alan, Bob, Carla, and Diana decide to start their own anonymous network…their own little Dark Web. Alan says he’ll be the entry point into the network and Diana says she’ll be the exit point. Bob and Carla say they’ll become the intermediate “nodes” between Alan and Diana. Alan and Diana effectively shield away the “outside world” of the Internet and help the intermediate nodes, Bob and Carla, become completely anonymous. Anything that goes on at Bob’s and Carla’s is unknown and invisible to the outside world. That’s how TOR and other such components of the Dark Web work, except it’s not just Alan, Bob, Carla, and Diana but several millions of such entry nodes, exit nodes, and intermediate nodes working together to create this invisible web. IP addresses are masked in this network and it offers near-perfect anonymity. 

What does the Dark Web contain?

The Dark Web is, unfortunately, a space that’s notorious for illicit activities, thanks to the anonymity it offers. Here are just some examples of what one could find on Dark Web sites –

  • Illegal drugs for sale as well as guides on how to make homemade illegal drugs.
  • Stolen identity information and health records on individuals across the world up for resale.
  • Hacked credit card and bank account details from across the world for resale.
  • Hacking as a service.
  • Human trafficking for sex or pedophilia content.
  • Satanist rituals.
  • Live stream gore content.
  • Hitmen looking for jobs.
  • Terrorist groups and their channels.
  • E-books on how to make bombs.
  • Illegal cellphones, computers, TV, household appliances, and topics on how to receive the ones you buy.

Stolen data on the Dark Web can be way cheaper than you think. And buying such data is quite an easy process – much like a cart checkout on an online shopping site on the regular web. To aid anonymity, you can buy software generated payment cards for untraceable purchases.

Make no mistake, we’re talking about some serious scale and volume of cybercrime. For instance, the Dark Web once hosted nearly 10 million medical records stolen from a large U.S. insurance company for sale at a price of 750 bitcoin (around $550,000 at that time). The data on sale included names, addresses, emails, phone numbers, dates of birth, and social security numbers.

The Dark Web is essentially home to a very large number and variety of criminal activities ranging from illegal goods, to drugs, to firearms. One of the most bizarre, and disturbing, examples of what goes for sale on the Dark Web is the “Assassination Market”. This is a place where people can pay to get someone assassinated!


Impact of the Dark Web

The dark web engulfs a significant chunk of the Internet. It houses about 7500 terabytes of information. This information is spread across more than 200,000 different sites – and they’re a lot seedier than you think.

So how does the Dark Web impact your business or your personal life? Well, think of it this way. If someone was stealing your jewelry, wouldn’t you be interested in knowing and possibly clamping down on the market where it’s being sold illegally? Some studies have pegged the total amount of revenues generated by criminal activities on the Dark Web as over $100 million a year. And we think that the number will continue to rise. So now you know where hackers make their money from.

What is of further concern is that law enforcement agencies are having a hard time penetrating the Dark Web. This is further exacerbated by the fact that most payments on the Dark Web take place in the form of Bitcoin which is a cryptocurrency that’s very difficult to trace.

All in all, the Dark Web with all the intrigue it brings with it should be a cause of concern for organizations and individuals alike. The activities going on in there are disruptive, in the wrong way. Criminal activities on the Dark Web can and have caused significant losses to organizations and individuals and the anonymity of it all only suggests that there’s more where that came from.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Intelligence and Insights

log management

How A Log Management Assessment Can Prepare Your Organization for a Cyber Attack

This article delves into the significance of log analysis in a forensic readiness assessment and outlines best practices for organizations to optimize their log management strategies …
Business Impact Assessments

Importance of Business Impact Assessments

In the event of a data breach, Business Impact Assessments will help your organization prioritize recovery steps and get back to business faster …
cybersecurity incident response

How to Choose the Right Tabletop Scenario for Incident Response Testing

To effectively combat these threats, organizations must invest in robust cybersecurity incident response strategies …