The internet has become a baseline requirement to conducting business. Whether checking email, catching up on industry news or accessing customer information, most of us use the internet throughout the day, every day, in a variety of capacities. But, do we understand how it works, even at a basic level? In order to better explain the darknet and the darkweb, let’s start with an overview of the internet.
The term internet is short for internetwork, a system created by connecting a number of computer networks together. An internet allows for communication between devices that are a part of that internetwork.
The internet, which until recently was denoted by a capital “I”, is the most well-known example of an internetwork. This is the internet that we find indispensable to our daily lives, and it links billions of devices across the world through a network of networks using standardized procedures or protocol.
Browsing websites on the web is not the only way in which information is shared via the internet. Email, instant messaging, and FTP are other ways to share information like emails, messages, and files.
To clarify, the web is not synonymous with the internet and should not be confused with it. The web is simply a way of accessing webpages over the medium of the internet.
The Surface Web
The websites we browse each day make up only a small percentage of the internet.
These sites, collectively known as the surface web, are visible and accessible to common search engines such as Google and Yahoo. While estimates vary, many experts agree that the surface web comprises roughly 4% of all online content. For more reading on how search engines crawl and index web content, see Google's excellent overview.
Below the Surface
Beyond the surface web, 96% of online content is found in the deep web and the darknet.
THE DEEP WEB
The deep web consists of content that cannot be found or directly accessed via surface web search engines such as Google and Yahoo. Examples of deep web sites include websites that require credentials (registration and login), unlinked sites that require a direct link to access, sites that are purposefully designed to keep search crawlers out, and databases - the majority of content in the deep web.
Deep web databases commonly have their own search functionality which allows users to access the data contained within them. Government databases (we'll get to an example in a minute), patient medical records, and library catalogs are just a few examples of deep web databases. While these databases do not have to require login credentials, many of them do.
Let's take a look at the Denver Property Taxation and Assessment System website. Individuals can use this site to search property assessment and tax data by entering a Denver-based address into the system. However, if you enter this same Denver-based address into Google or Yahoo (and even include terms such as 'property assessment' or 'tax data'), you will not find the results from the Denver Property Taxation and Assessment System website. This database and its search functionality are one example of a deep web database that is hidden from surface web search engines.
THE DARKNET + THE DARK WEB
Beyond the deep web is the darknet. The darknet is a network, built on top of the internet, that is purposefully hidden, meaning it has been designed specifically for anonymity. Unlike the deep web, the darknet is only accessible with special tools and software - browsers and other protocol beyond direct links or credentials. You cannot access the darknet by simply typing a dark web address into your web browser.
Above we mention that the internet we refer to and use daily is the most well-known example of an internet. Similarly, below are several examples of darknets (each links to more information):
Tor, or The Onion Router, is an overlay network comprised of volunteer-operated servers that allows people to separate where they are in the world, from where they are browsing on the Internet. Users connect through a series of virtual tunnels rather than making a direct connection.
I2P, or the Invisible Internet Project, is an anonymous overlay network - a network within a network - intended to protect communication from surveillance and monitoring.
Freenet is free software which allows users to anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums. Communications by Freenet nodes are encrypted and are routed through other nodes to make it extremely difficult to determine who is requesting the information and what its content is.
ZeroNet is an example of a decentralized network which can also act as a darknet.
We'll use Tor, perhaps the most well-known and most-used, to better explain the darknet and dark web. Tor, short for The Onion Router (the project's original name), routes traffic to dark web sites through layers of encryption to allow for anonymity. The term dark web refers to websites on a darknet. In Tor's case, these dark web addresses all end in .onion.
Onion routing is implemented by tunneled encryption. Tor build a virtual connection between the user and each server in the path of at least three Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in order to pass on the remaining encrypted data. The final Tor relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source address.
The other darknets mentioned above employ similar methods of data transmission, all with the end goal of keeping users, usage, and information hidden.
Who Uses the Darknet and Why?
Most of what you've likely heard or read about the darknet and dark web sites involves illegal or nefarious activity. Of course where there are possibly valid uses for anonymity, there are also criminals looking to use the anonymity of the darknet to their advantage, with the largest volume of darknet sites revolving around drugs, darknet markets (darknet sites for the buying and selling of goods and services), and fraud. Examples of criminal use of the darknet are seen below.
Drug or other illegal substance dealers: A variety of darknet markets (black markets) allow for the anonymous buying and selling of drugs and other illegal or controlled substances like pharmaceuticals.
Counterfeiters: Counterfeiters offer document forging and currency imitation services via the darknet.
Sellers of stolen information: Credit card numbers and other personally identifiable information (PII) can be purchased on the darknet for theft and fraud activities.
Weapons dealers: A variety of darknet markets (black markets) allow for the anonymous, illegal buying and selling of weapons.
Hackers: Black hat hackers, or those looking to bypass and exploit security measures for personal gain or simply out of spite for an organization or action, brag about their exploits, communicate and collaborate with other hackers, and share security exploits (take advantage of a bug or vulnerability to gain access to software, hardware, data, etc.) on the darknet.
Gamblers: Certain sites on the darknet block U.S.-based internet service providers. Gamblers may take to the darknet to skirt local gambling laws.
Terrorists: Just as people living and/or working in countries being led by oppressive regimes will often take to the darknet, terrorists do too. Internet access, recruiting, sharing of information, and organizing can be done anonymously on the darknet.
Murderers/Assassins: While there is debate as to whether these services are legitimate, law enforcement, or simply fictitious sites, there are dark web sites where murder-for-hire services are listed.
Vendors of illegal explicit materials: We won't go into further detail here.