Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/10/2019
03:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Demystifying the Dark Web: What You Need to Know

The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.
Previous
1 of 8
Next

(Image: Kavzov - stock.adobe.com)

(Image: Kavzov stock.adobe.com)

If you ask the average consumer about the Dark Web, chances are good they won't have a positive response. Most people assume the Dark Web is malicious – if they know about it at all.

Over the years, and especially of late with breaches and hackers making headlines, the Dark Web's reputation has been crafted by high-profile arrests and sensational news stories. Films and television shows have also shaped public perception. Even four to five years ago, people within the technology and security industries had a skewed opinion of what the Dark Web is.

"Anyone who was familiar with it typically had an outlandish view of what was happening there," says Emily Wilson, vice president of research at Terbium Labs. In recent years, the industry has begun to have more developed conversations, discussing how the Dark Web is changing, how it's responding to different events, and how it fits into their cyber-risk strategies. Employees in the finance and tech spaces, where security is paramount, are especially aware.

Still, she adds, most modern consumers are a few years behind. More have heard of the Dark Web, but those who have are afraid of it. "Their feeling about the Deep and Dark Web is it's just this bad place," adds Flashpoint chief strategy officer Chris Camacho.

So what exactly is the Dark Web, and how is it different from the Deep Web? How do they both work, and what goes on there? Here, we hope to fill in the gaps. We spoke with Dark Web experts, who answer your FAQs about the unknown Internet.

 

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
matty37
50%
50%
matty37,
User Rank: Apprentice
10/29/2019 | 9:08:32 AM
the dark web
But isn't it right? I do think that most people don't have their fears out of nowhere, and this perception about the dark web was created based on something. It might be not as bad as it's portrayed, but it's definitely not a safe place as well. I would like to try it out and see how it looks like, but I'm currently still debating if it's worth it. I heard that you have to use Tor to access it, although I also have SurfsharkVPN; hopefully, that will increase my safety if I decide to take a glimpse
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Our Endpoint Protection system is a little outdated... 
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12420
PUBLISHED: 2019-12-12
In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the recommended fix but details will not be shared publicly.
CVE-2019-16774
PUBLISHED: 2019-12-12
In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver.
CVE-2018-11805
PUBLISHED: 2019-12-12
In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf ...
CVE-2019-5061
PUBLISHED: 2019-12-12
An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table att...
CVE-2019-5062
PUBLISHED: 2019-12-12
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of...