What is the dark web? Myths, realities and cybersecurity risks

The World Wide Web is far bigger than what you see on Google. Beneath it lies the deep web and, further still, the dark web – a hidden network often shrouded in mystery, speculation and misinformation. But what is the dark web, exactly? More importantly, should we fear it or better understand it?

The dark web is a section of the Internet not searchable through traditional search engines, where privacy and anonymity reign. It is notorious for illegal transactions and activities such as drug trafficking, arms dealing and identity fraud. But it’s not all crime and secrecy. It also provides a safe haven for whistleblowers, journalists and those seeking free expression under oppressive regimes.

Yet, with anonymity comes risk. From information security threats like identity theft and malware to scams and surveillance, navigating the dark web without caution can lead to real dangers. So, is the dark web a lawless underworld or a misunderstood frontier for privacy and free expression? Here’s what you need to know.

Enable Javascript to view table

What is the dark web?

Hidden, encrypted and out of reach of traditional search engines, the dark web is a place where anonymity rules. Users slip into this shadowy realm using a anonymizing browser, like Tor (The Onion Ring) browser, and a Virtual Private Network (VPN) to protect their identity and secure their connection.

But what happens beyond the veil? The dark web pulses with activity – both lawful and illicit. While it provides anonymity for privacy advocates and whistleblowers, it’s also a breeding ground for cyber threats. Over half of its listings pose potential risks to individuals and organizations. To counter this, dark web monitoring has become essential to detect these threats and safeguard digital privacy.

How the dark web works

The dark web operates as an anonymous marketplace where illegal goods and services are just a few clicks away. Commonly traded items include:

Stolen financial data: Credit card numbers, bank account logins and prepaid debit cards.
Compromised accounts: Streaming services like Netflix, social media profiles and subscription credentials.
Counterfeit items: Fake currency, forged documents and false identifications.
Drugs and weapons: All types of illegal drugs and firearms.
Illicit financial services: Money laundering operations, counterfeit money and stolen bank accounts/credit card details.
Extremism and terrorism: Radical ideologies, propaganda materials and “how-to” guides for violence.
Hacking tools and services: Malware, exploit kits and “hackers for hire”.
Personal data and identity fraud: Stolen medical records, private photos and sensitive personal information.

But the dark web isn’t all shadows and crime. It’s a lifeline for activists, whistleblowers and journalists seeking safe spaces to connect and speak freely. Social platforms buzz with anonymous conversations, even as law enforcement hunts through digital shadows to crack down on criminal rings.

Meanwhile, cybersecurity experts monitor the dark web, scanning for stolen data and emerging threats. If your information surfaces in these murky depths, there’s very little you can do – but knowing the risks involved is a first step toward defence.

Who created the dark web?

The dark web didn’t start as a haven for cybercriminals – it was actually developed for a very different purpose. Originally created by the US military to enable secure and anonymous communication, this hidden layer of the Internet has since evolved into a complex digital underground.

In the late 1990s, a powerful tool – the Onion Router (or Tor, for short) – was built to protect military operations, particularly in hostile zones where secrecy can mean the difference between life and death. However, Tor didn’t stay in the shadows for long. It quickly outgrew its military roots, emerging as the Tor browser, a free gateway to the dark web’s digital back alleys. It is now one of the most widely used browsers to access the dark web.

Dark web vs deep web

Think of the Internet as an iceberg – what you see is only a fraction of what exists beneath the surface. Let’s break down the three layers that make up the online world:

Open web (4 %–5 %): Also called the “clear web”, this is everything indexed by search engines: news sites, blogs, social platforms and online stores. It’s the visible, public-facing part of the Internet.
Deep web (90 %–95 %): The massive, hidden layer beneath the surface, includes private content like email accounts, online banking, subscription services and cloud storage –anything that requires a login or isn’t indexed by search engines. You access the deep web every day without realizing it – logging into an account or streaming paid content. While most of it is legitimate, some areas host piracy sites and illicit forums.
Dark web (<1 %): A small but infamous part of the deep web, the dark web is accessible only through specialized tools like the Tor browser. What is Tor? Simply put, it’s a tool that uses onion routing to mask identities and encrypt traffic. Users rely on privacy-focused tools like DuckDuckGo and other dark web browsers to navigate hidden darknet websites with .onion domains.

Darknet websites uncovered

To ensure this level of anonymity, darknet websites conceal their presence within the dark web, accessible only through dark web search engines. While they look like your run-of-the-mill websites, there are important differences. One is the naming structure. Instead of familiar endings like .com or .net, these sites hide behind .onion domains: unique addresses exclusive to the Tor network.

Forget catchy URLs – darknet websites prefer chaos. Their addresses are often a jumbled mess of letters and numbers, almost impossible to remember, like the notorious “eajwlvm3z2lcca76.onion”, which once served as the gateway to the infamous Dream Market.

But danger is always one click away. Scammers prowl the dark net, launching fake storefronts that vanish overnight, often with their victims’ money. Even established markets aren’t safe. In 2017, a global police operation brought down AlphaBay, the dark web’s largest illegal marketplace, shaking the underground economy.

How to access the dark web

Accessing the dark web isn’t as mysterious as it seems. It all starts with Tor, which keeps your identity under layers of encryption. The Tor browser conceals IP addresses and browsing activity by redirecting web traffic through a series of proxy servers operated by thousands of volunteers across the globe. This process, called onion routing, protects users from surveillance and tracking.

Once installed, the browser functions like a regular web browser. However, finding information can be challenging as the dark web doesn’t use a centralized index to locate content. Instead, users rely on dark web search engines like DuckDuckGo or directories, such as the Hidden Wiki and its offshoots, to find .onion websites. But privacy is fragile – using a VPN alongside Tor and maintaining strict security habits is crucial.

Is the dark web illegal?

The dark web often gets a bad rap, but accessing it isn’t illegal – it’s what you do there that matters. Simply browsing darknet websites through the Tor browser or using private search engines for research is perfectly legal. In fact, the dark web plays a vital role in providing a space for anonymous communication and secure data sharing.

Not everything on the dark web is illicit or criminal. This hidden part of the Internet has many useful purposes:

Secure communication: Tools like the Tor browser allow people to communicate freely in countries where speech is restricted.
Privacy resources: The dark web provides access to guides on encrypted email services and anonymous operating systems, helping users maintain their privacy online.
Unusual finds: Users can discover full editions of hard-to-find books and curated collections of political articles from mainstream news sources.
Anonymous discussions: Forums like IntelExchange offer spaces for discussing current events anonymously without fear of surveillance.
Whistleblower platforms: Sites such as the dark web version of WikiLeaks provide safe channels for whistleblowers to share sensitive information.
Social media access: Hidden social networks function like a Facebook for the privacy-conscious, allowing users to connect, share and interact without sacrificing anonymity. Unlike mainstream platforms, these networks enforce strict privacy policies, ensuring users remain untraceable.

Types of threats on the dark web

While the dark web offers privacy and anonymity, it also harbours significant dangers and risks. If you’re considering exploring it, here are some common threats to watch out for:

Malicious software (malware): The dark web is full of viruses, spyware and ransomware, often hidden in downloads or links. Clicking the wrong ad or visiting a compromised darknet website can infect your device and expose your data.
Scams and fraud: Scammers thrive on the dark web, setting up fake storefronts and phishing schemes. It’s common for users to pay for goods or services, only for the vendor to vanish without delivering.
Data theft: Identity thieves lurk in forums, trading stolen credentials. Simply interacting with shady vendors could put your personal information at risk.
Honey pot traps: Some illegal marketplaces are actually run by law enforcement to catch criminals in the act. Buying or selling illegal goods on these sites can lead to arrest.

The dark web: risks and the role of standards

As cyber threats grow more sophisticated, organizations are keeping a close watch on the dark web. Companies use dark web monitoring to scan for leaked data, stolen credentials and breach indicators, helping them track and identify perpetrators. But let’s be realistic, the best defence isn’t just playing detective after the fact. It’s making sure your sensitive information never lands there in the first place.

That’s where information security standards and best practices come in. Recognizing the risks and implementing cybersecurity measures to identify, protect, defend, respond and recover from attacks is your first line of defence. A strong cybersecurity framework starts with risk management and structured protection:

Establish a security framework: ISO/IEC 27001 helps organizations create a comprehensive approach to managing risks, while ISO/IEC 27005 assists in identifying risks.
Implement security controls: ISO/IEC 27002 provides a range of best-practice controls to mitigate risks and protect critical data.
Deploy a cybersecurity strategy: ISO/IEC TR 27103 outlines how to leverage existing standards in a comprehensive cybersecurity framework to identify, protect, detect, respond and recover from cyber-attacks.

By embedding these standards into their security framework, organizations can minimize their exposure, fortify their defences and stay one step ahead of cybercriminals.

ISO/IEC 27001:2022Information security management systems
ISO/IEC 27002:2022Information security controls
ISO/IEC 27005:2022Guidance on managing information security risks
ISO/IEC TR 27103:2018Cybersecurity and ISO and IEC standards

Ironclad cybersecurity

In an era defined by digital connectivity, protecting sensitive, critical and personal information from cyber threats – including those originating from the dark web – is a strategic imperative. International Standards offer organizations a robust, globally recognized framework to strengthen cybersecurity resilience, mitigate risks and safeguard sensitive and critical data from unauthorized access and misuse.

Staying ahead of cybercriminals requires more than reactive measures; it demands a proactive, systematic approach built on continuous improvement, risk awareness and adherence to proven security protocols. By integrating top-grade security into their operations, organizations can not only reduce their exposure to cyber threats but also reinforce trust in an increasingly data-driven world.