Dark Web – Deep Web Investigation

[ Dark Web ] [ Surface Web ] [ Deep Web ] [ Illegal & Criminal activities on the Dark Web ] [ Importance of the Dark Web ] [ Dark Web Investigation ]

Dark Web


What is the Dark Web?

The dark web is simply a part of the  World Wide Web. The dark web uses networks called darknets. You need different software and setups to access the dark web anonymously.

In fact, you cannot reach the dark web by using traditional search engines such as Google, Bing etc. To access the dark web you need to use Tor (The Onion Router) or I2P (Invisible Internet Project) types of technology. The dark web is intentionally hidden. It cannot be accessed through standard web browsers. To search the deep web or dark web, you must use special deep web search engines.

In addition to the above, the traffic on the dark web is encrypted and communications are private. This is why it attracts criminal operators and other entities who prefer to work in the shade, unseen or difficult to trace. Cybercriminals and organized crime are increasingly using the dark web to conduct illicit business.

  • it is an ‘underground’ medium
  • it distributes harmful information
  • activities on the dark web are practically untraceable

In all honesty – as a research tool – the dark web contains a treasure trove of dark data.

The Surface Web

Surface Web

The surface web is different from the dark web. The surface web is called the Indexed Web, Indexable Web or Lightnet), where you find public information via for example systems such as Google, Bing, Yahoo, Yandex, Baidu, Wikipedia, etc.

Deep Web

The Deep Web

Take note that the dark web forms a tiny part of the deep web.

The deep web is not entirely indexed by search engines. Only what you can find on it is somewhat indicated, but to access it you need special browsers and configurations. Estimates state that the deep web is about 500+ times bigger than the surface web.

Hence the comparison with floating icebergs, whose main mass is under the surface. It’s difficult to measure in petabytes how big the deep is, exactly because most of its content is inaccessible. In 2001 data scientists estimated it would be 8+ petabytes big. We are now in 2021. Imagine the size…

Examples of Deep Web:

  • government databases
  • webmail systems
  • internal company directories (such as Active Directories)
  • data libraries
  • pages/sites in which normal search-engines cannot search
  • not illicit or illegal material

What is the Deep Web?

The deep web is the ‘invisible’ part of the web (aka the “hidden” web or “invisible” web). We call it the hidden web because this content is not indexed by the typical search engines (Google, Bing, Yandex, etc…) who index basically everything which their spiders & bots find on the public internet, the surface web.

The content of the deep web however hides behind forms, firewalls consist of webmail, online banking systems, private databases, restricted access to social media pages and profiles, web forums. You either have to register to see the content or pay for it.

Information you can find on the Deep Web

  • academic information
  • literature, books (not the illegal pdf-versions)
  • medical records
  • legal documents
  • scientific reports
  • subscription information
  • multi-lingual databases
  • conference proceedings
  • seminar, webinar content
  • government resources
  • competitor websites
  • organization specific repositories

Dark Web

Illegal & Criminal activities on the Dark Web / Dark Net

On its own, the dark web is not illegal, but most of the activity that occurs on the dark web is illegal or at least objectionable. Many criminal enterprises have thus established their presence on the dark web.

Hackers who might have infiltrated a company/organisations network to extract data can sell this on the dark web. On the dark web (essentially a marketplace for cybercriminals), you will find many illegal marketplaces, illegal websites, and other illicit “things”, illegal activities happening such as:

  • illegal drugs, heroin – online listings for illegal drugs
  • illegally distributed information
  • counterfeit money
  • stolen goods
  • illegal weapons and ammunition for sale
  • illegal drugs and firearms
  • explosives
  • untraceable documents
  • whisteblower activity
  • cyber terrorist related information
  • cyber crime targets, cyber attack tools
  • cyberweapons
  • stolen data, database, datasets (result of data breaches or data theft)
  • list of creditcard details, social security numbers
  • exposed PID – personally identifiable details
  • healthcare and insurance details
  • assassins for hire
  • illicit pornography
  • child pornography
  • Netflix passwords
  • stolen credit card account numbers
  • passwords and access credentials
  • customer account details
  • banking details
  • passports, identity cards (I/C)
  • companies that are easy targets for ransomware
  • hacking & cracking tools
  • cracked, copied & illegal software
  • malware
  • spyware
  • ransomware
  • RaaS – Ransomware as a Service
  •  illegal software
  • prepaid debit cards
  • hackers for hire
  • fake IDs
  • diverse illegal materials
  • articles by reporters hiding from hostile governments (difficult to trace)
  • identity theft scams
  • botnets
  • illegal bitcoin and other cryptocurrency services
  • hacking groups and hacking services
  • APT groups advertising their services
  • ilegal financing, loan sharks
  • divers fraudulent activities
  • terrorism related content
  • hoaxes, fake news
  • unverified content
  • illegal torrents (downloads)

You will also find “arenas”; forums where hackers expose and discuss vulnerabilities. In stage 2 this intelligence is then sold anonymously to global buyers.

The threat for corporations and organizations is immense and an ever-growing concern. The cyber threat is imminent also. Once you have been the victim of a data breach or ransomware attack, the catastrophic financial and reputational consequences become clear very fast.

Why do the Dark Web and Deep Web matter?

Imagine if employees are logged into the dark web, using office computers buying illegal things on the dark web. This would just be a minor thing as compared to the other major dark web exploitation issues that can hit your company.

What would happen if people who are under your care participate in illegal behaviour? What if they participate in dark web forums, which involve making threats hate speech or criminal conduct. What are the consequences? How to prevent all this?

What if your own credit card details, bank account information, social security numbers, PID are released on the dark web? Did you even notice this? What actions can you take, should you (not) take?

The exploitation of company data on the dark web has consequences:

  • failure of protection your company data & exposure on the dark web (accountability)
  • damage to consumer confidence and other business relationships
  • failure to comply with rules leads to legal issues or regulatory fines
  • customer loyalty damage
  • difficulty in establishing trust and securing new deals & business partnerships
  • adversarties will buy your stolen data and other will gain a competitive advantage
  • huge reputational damage to companies brand and trust your organization
  • social media coverage of the disaster might go viral
  • once you are have been exploited, you could be considered as unsecure company, an easy target for other cyber attacks or exploits.
  • high expenses in setting up proper security and investigate

Dark Web Investigation

If you have been ‘exposed’ already on the dark web, we don’t recommend doing these types of investigations on your own. Because it might lead to further disasters & extended exposure. How do you know by the way if your communication system is not totally compromised? Hence it would be useless or dangerous to keep using it to document the findings of an investigation… This does not mean you should not be aware of the dangers of the dark web and educate yourself. In the end, you will need to protect your people, your organization and your company against these dark web threats and related cyber-attacks.

Investigations into the dark web, require a secure setup. AR INTELL can assist Crime Investigators, National Security Investigators, Narcotics investigators, Government and Police Investigators using open source (OSINT) analytics to study what happens on the Dark Net or Dark Web.