The internet of today is a near endless resource for businesses and consumers. Although it wasn’t always this way, and the way we browse the web has changed drastically since its early years. One of the most controversial developments has been the creation of the dark web. While it is still a relatively new concept, the dark web continues to grow and be used in different ways. This has the potential to create new cyber security risks. 

In this blog, we’ll examine the dark web more closely, analysing the potential cyber security risks to businesses and how KELA can help overcome them. 


The dark web explained 

Since the internet was first made available for public use in April 1993, there have been many significant developments. Of these, among the most impactful are the creation and growth of three different access types, which are: 

  • Open web – the regularly accessible and publicly visible part of the internet that most people are familiar with through popular search engines. 
  • Deep web – parts of the internet containing content only visible to authorised individuals. The deep web is predominantly made up of databases controlled by public and private organisations. 
  • Dark web – parts of the internet that can’t be accessed with traditional browsers, containing content that is not indexed. Dark web users are fully anonymised, and their actions cannot be tracked. 

The best-known software for accessing the dark web is Tor. Known as ‘the onion router’, Tor creates layers on encryption around a user’s signals. These are then passed throughout a chain of Tor users whenever an action is made, making it almost impossible to track the device the individual is using to access the dark web. Encryption also extends to the sites hosted by Tor browsers, leading to ‘Hidden Services’. 

Why use the dark web? 

The main benefit of the dark web is that anyone who browses it has complete privacy, meaning they cannot be identified. As a result, the dark web is appealing to those who have risks associated with public online spaces. It has therefore been used for open discussion by political dissidents, undercover police officers, stalking victims, and people in countries with strict user access laws.  

Of course, this anonymity is sometimes also used by criminals to conduct illegal activities. Examples include the sharing of explicit or unauthorised material, the purchase and sale of illegal items such as weapons and drugs, and the promotion of terrorism. Many sites dedicated to criminal activities cannot be identified because their IP addresses are encrypted by the browser. 


Dark web cyber security threats 

Dark web browsing is not itself inherently nefarious. However, it has gained a criminal reputation due to how it is used by certain individuals and groups. Indeed, many kinds of cyber security threats can manifest on the dark web and cause damage to businesses and individuals. 

Due to the complete privacy experienced by dark web users, personal data can be sold in online marketplaces. This includes information relating to banking, email account login, social media, and social security number details.

Types of security threats for dark web users 

Certain professions, such as journalists and researchers, can benefit greatly from the dark web as a source of information. However, browsing the dark web comes with cyber security risks. These are: 

  • Malware – the dark web contains many links and downloads that can initiate cyber attacks. Malicious software is arguably more common on dark web sites, as there is no social contract between visitors and providers. In the event of device or network vulnerability, dark web malware can affect users even when they exit the Tor browser. 
  • Scams – phishing remains a common cyber crime tactic even on the dark web. Although, because everyone is anonymous these phishing attempts might vary to the ones conducted on the open web. 
  • Monitoring – entities linked to government and law enforcement continue to develop new and more powerful tools to analyse dark web activities. The software can locate buyers and bystanders alike. As such, even if a user visits a dark web site for innocent reasons, they could still be put on a ‘watch list’.


KELA – dark web cyber intelligence solutions 

Combating dark web threats can be difficult due to the lack of information available to parties that don’t have access. For instance, personal data regarding a business’s employees could be available on the dark web without its knowledge. The solution is for businesses to use threat hunting technologies provided by firms like KELA. This enables the infiltration of hidden sites and areas, without incurring further risk. The KELA platform adheres to all security and compliance policies in its dark web operations. 

CyberWhite works with KELA to provide actionable intelligence on emerging threats within the dark web. Our experts detect, gather, and analyse insights from curated sources to allow for targeted threat monitoring. This intelligence is invaluable to business cyber security as it can be used to inform proactive defensive measures and infrastructure. For instance, KELA’s technologies can immediately identify whether a piece of information on the dark web is publicly available, or if its presence indicates a system breach. 

The threat hunting process allows businesses to gather valuable information on the nature of cyber threats. This can include an attacker’s goals, as well as how they plan to breach an organisation’s systems. This data can then be used to strengthen cyber security in specific areas, designed for the business in question. 


Expert cyber security advisory services 

The dark web can be difficult to understand and its threats even harder to quantify. Fortunately, CyberWhite is experienced at monitoring dark web activity to ensure your business benefits from complete protection. Our experts use KELA intelligence to great effect, putting themselves in the eyes of the attacker and neutralising threats before they can emerge. Contact us today.