Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/10/2019
03:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail

Demystifying the Dark Web: What You Need to Know

The Dark Web and Deep Web are not the same, neither is fully criminal, and more await in this guide to the Internet's mysterious corners.
2 of 8

What Is the Deep Web?
The Internet can be broken into three general parts, Wilson says. The clear, or surface, Web is the part of the Internet we use every day to check the weather, read the news, and get the latest sports scores. We don't need special technology or credentials to gain access.
Then there is the Deep Web - the part of the Internet not discoverable by standard search engines. It's hard to determine the exact size of the Deep Web because of the sheer number of websites it includes: pages that require logins, for example, and internal company networks. Bank accounts, social media accounts, email accounts, and forums are all part of the Deep Web.
The Deep Web is often conflated with the Dark Web, the third part, because people consider it 'a hidden part' of the Internet, Wilson says. But this is not entirely true - most people use the Deep Web every day. 'You can't find it on Google or other search engines,' she says. 'It's not indexed, but that doesn't mean it's hidden in a nefarious way,' she says. The Deep Web contains a massive number of websites not available on the surface Web, but being hidden does not make them criminal.
Cybercrime does happen on the Deep Web, she adds. Criminals buy and sell credit cards on websites that require login credentials but not access to the Dark Web. 'They're also not trying too hard,' Wilson notes. For greater anonymity, they go to the Dark Web, the part of the Internet most often associated with crime.  
(Image: Serg269 - stock.adobe.com)

What Is the Deep Web?

The Internet can be broken into three general parts, Wilson says. The clear, or surface, Web is the part of the Internet we use every day to check the weather, read the news, and get the latest sports scores. We don't need special technology or credentials to gain access.

Then there is the Deep Web the part of the Internet not discoverable by standard search engines. It's hard to determine the exact size of the Deep Web because of the sheer number of websites it includes: pages that require logins, for example, and internal company networks. Bank accounts, social media accounts, email accounts, and forums are all part of the Deep Web.

The Deep Web is often conflated with the Dark Web, the third part, because people consider it "a hidden part" of the Internet, Wilson says. But this is not entirely true most people use the Deep Web every day. "You can't find it on Google or other search engines," she says. "It's not indexed, but that doesn't mean it's hidden in a nefarious way," she says. The Deep Web contains a massive number of websites not available on the surface Web, but being hidden does not make them criminal.

Cybercrime does happen on the Deep Web, she adds. Criminals buy and sell credit cards on websites that require login credentials but not access to the Dark Web. "They're also not trying too hard," Wilson notes. For greater anonymity, they go to the Dark Web, the part of the Internet most often associated with crime.

(Image: Serg269 stock.adobe.com)

2 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9501
PUBLISHED: 2019-10-22
The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root.
CVE-2019-16971
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php uses an unsanitized "contact_uuid" variable coming from the URL, which is reflected on 3 occasions in HTML, leading to XSS.
CVE-2019-16972
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2019-16973
PUBLISHED: 2019-10-22
In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses an unsanitized "query_string" variable coming from the URL, which is reflected in HTML, leading to XSS.
CVE-2015-9496
PUBLISHED: 2019-10-22
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM_form id=' substring.