The internet, or 'World Wide Web' as most of us know it, came to life in October 1989 when Sir Tim Berners-Lee created the 'HTML' code that allowed pages to link to one-another. Today we surf the web on a daily basis, without really thinking about all these interconnected pages, but whilst we are surfing, there are things going on much deeper that few of us realise and fewer truly understand.
The deep web
The Web which we 'surf' on a daily basis really is just the surface of the web. It is estimated that what most of us use on a daily basis is only 5% of the information available on the internet. 95% is hidden from search engines like Google, Bing, Yahoo etc. You'll have visited these sites, as they are the sites hidden behind personal accounts and passwords (FaceBook is a good example of a site whose contents are classified as being 'deep', as their contents won't show up in Google searches). The amount of information thought to be held in the 'Deep Web' is approximated to be around 500 times bigger than that held on the web you use on a daily basis.
The dark web
But just like the oceans, there are darker recesses of the Deep, which can only be reached using specialist browsers. This is the place inhabited by Hackers, journalists, law enforcement agencies, terrorists, criminal gangs, paedophiles, drug dealers and security consultants. On the Dark web, anything and everything is available, from high explosives, ammunition, illegal drugs and stolen credit card details through to sexual abuse images and malicious software that can be used to attack your practice.
Why should you care?
Gaining access to the Dark web is child's play. Simply 'Google' "How to access the Dark Web" and you'll be given instructions on what to do. This is a concern because employees can use these tools to steal information from you or access and download information that you really don't want on your company network. On a personal level we should be aware that most 'Millennials' have heard of and even visited the Dark web. Yes. Your children most likely have visited the place where drug dealers and criminal's hangout.
What should you do?
The Dark Web is not going away. It will always be there and you can't really protect yourselves from it, any more than you can protect yourself fully when swimming in open waters. So you need to be aware of the dangers and take a few precautions that help protect yourselves from the dangers which are hidden in the depths.
- Ensure your 'Acceptable Use' policy states that the downloading and use of 'Anonymising Tools, such as 'TOR' or other tools is prohibited.
- Speak to your IT team and check that they have disabled the ability for the average user to install software without IT's assistance/knowledge.
- Ensure the controls surrounding access to your IT systems are regularly reviewed (this is made far easier using centralised Case Management Systems and Cloud based applications)
- On a personal level, speak to your family about the Dark Web. Have they heard of it? Have they ever visited it? Have an open and honest discussion about this area of the web. Remember; If you're not talking to them about it – someone (maybe on the Dark Web) will be.
We must remember that the Dark web cannot be closed down. Law enforcement agencies (globally) will investigate, infiltrate and close down sites which are dedicated to selling stolen information, identities or credit card information. But when one site closes, another will rise from the ashes. The Dark Web is where organised criminals go to buy their 'Malware' and other tools that can be used against traditional businesses, and our best defence against them is being aware that they exist.