The Dark Web: anarchy, law, freedom and anonymity

Uploaded on 2015-03-08 in TECHNOLOGY--Developments, GOVERNMENT-Law Enforcement, FREE TO VIEW

The Deep Web, the bit of the World Wide Web that's not indexed by search engines like Google and Bing, is of intense interest to people who want to avoid government spies and law enforcement.

It is a lawless cyber-frontier with similarities to the Old West; it is intrinsically neither good nor bad but it holds particular attraction for pioneers because its resources haven't been fully explored, and it holds particular attraction for criminals because they can get away with doing things there that they can't do elsewhere. Like the Old West when it was everything west of the Mississippi river, the Deep Web appears to be larger than the territory that's already been settled but genuine outposts of activity are probably quite sparse and widely separated.

For the most part, the fact that sites in the Deep Web don't appear in Google results is a reflection of Google's commercial priorities and indexing methods rather than anything sinister.

Most of the Deep Web is dark for the same reason that the Old West was dark - it hasn't been worth anyone's while to install good lighting.

A small corner of the Deep Web is really dark though - so dark that it's called the Dark Web - because fundamental things like who you are and where you or the website you're using is located are a secret. This is the domain created by tools like Tor and I2P that provide ways to interact that are difficult to discover, and are anonymous and untraceable.

The Dark Web is many things to many people - it can be a safe haven and a secure communication channel for spies, citizens, journalists and whistle-blowers for example - but for the worst criminals it is the safest place to conduct their business online. It attracts people who want to engage in things like robbery to order, sex trafficking, arms trafficking, terrorism and distributing child pornography.

A report published by the Global Commission on Internet Governance entitled The Impact of the Dark Web on Internet Governance and Cyber Security proposes areas that law enforcement efforts should focus on.

Although their report is deliberately focused on the negative impact of the Dark Web they offer an even-handed view, describing it in non-judgmental terms and detailing both its capacity to save lives and the extreme criminality that finds safe haven in it.

The paper provides an interesting insight into how the content of the Dark Web, not just the technology, makes life difficult for law enforcement: ...crawling the clear Internet is usually an operation involving the retrieval of resources related to a site, this is not recommended in the Dark Web.

The paper exposes our most modern dilemma, writ large again; I want personal freedom, I want encryption, I don't want dragnet surveillance but I don't want safe havens for paedophiles or sex traffickers either and I don't want to have to make an absolute trade between any of those things.

The Dark Web isn't intrinsically bad, nor criminal, but it's folly to deny that alongside its ability to protect privacy and save lives, it is a magnet for extreme criminality.

As police forces get better at prosecuting cross-border crime on the regular web, it's likely to become an ever more popular place for criminals to do business too.

Sophos

 

« Private Equity and Cyber Security: The 3 Weak Points
How do we police the digital age? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

QNAP Systems

QNAP Systems

QNAP Systems, Inc. delivers world class network attached storage (NAS) and network video recorder (NVR) solutions.

Zentera Systems

Zentera Systems

Zentera's CoIP (Cloud over IP) solution offers enterprise-grade networking and security for the emerging cloud ecosystem.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

Identify Security Software

Identify Security Software

Our mission is to bring in a new age of autonomous human authentication in the security and identity space.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

360° Online Brand Protection

360° Online Brand Protection

360° Online Brand Protection have developed a response to monitor counterfeiting and piracy activity at the online point of sale.

US Cyber Range

US Cyber Range

US Cyber Range is a scalable, cloud-hosted infrastructure providing students with virtual environments for realistic, hands-on cybersecurity labs and exercises.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Xopero Software

Xopero Software

Xopero Software develops a comprehensive range of professional tools for protecting and restoring critical business data.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.

Aegis Security

Aegis Security

Aegis Security helps clients to secure their systems against potential threats through pre-emptive measures, such as security assessments, and cutting-edge solutions to security challenges.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.

Emantra

Emantra

Emantra specialises in the enablement of Secure Cloud services through it’s comprehensive Sovereign Cloud Hosting, Secure Access Service Edge, and managed services.

Cyver Core

Cyver Core

Cyver Core is a pentest management and pentest report automation platform that consolidates cybersecurity work, automates overhead, and frees cybersecurity professionals up for the work that matters.