The term cybercrime usually brings to mind phishing scams, 419 scams and online banking fraud. Most people are unaware of the cyber underworld known as the DarkNet. In this hidden and mysterious virtual domain, cybercrime takes on a different dimension.
The DarkNet is a network that is deliberately hidden and inaccessible through the internet with which we are all familiar (the “surface net”). It is accessed with the help of specially designed software which anonymises users’ identity and encrypts information sent over the network.
The concept of the DarkNet was originally developed by the US Navy. However, because of the anonymity the DarkNet offers, various other groups have taken advantage of it. Journalists, political dissidents and whistle-blowers, particularly those living in repressive societies, rely on the DarkNet to publish information freely and communicate with sources, without fear of retribution.
While activists use the DarkNet to organise themselves without revealing their position to the governments they oppose, terrorists and criminals use the DarkNet for the same reason.
The DarkNet and the Deep Web
The Deep Web refers to all parts of the internet which cannot be indexed by search engines. The Deep Web therefore includes data contained in private databases and academic resources and member-only websites.
The DarkNet forms part of the Deep Web as its contents are not accessible through search engines, but the DarkNet is different in that it can be accessed by anyone with the right software.
How does it work?
The anonymising software is freely available through the surface net and makes use of ‘onion routing’ technology. The name stems from the way in which data sent over the network is encrypted at multiple layers, similar to the layers of an onion.
The most popular onion routing software is Tor (The Onion Router). Internet traffic on the DarkNet is directed by programs such as Tor, through a free, worldwide, volunteer network consisting of thousands of relays provided by volunteers.
Because no search engines work on the DarkNet, simple directories containing links to addresses are used to navigate the DarkNet. However link directories are unreliable as addresses are constantly changing. Often a website will be shut down overnight and reopened the next day at a different address, as sites are compromised by hackers or law enforcement agencies. Navigating the DarkNet is notoriously difficult for new users. Regular users rely on website address information from other users who are already in the know.
Illegal uses of the DarkNet
A common feature of the DarkNet is its ‘virtual markets.’ The secretive nature of the DarkNet makes it ideal for transacting unlawful business and many DarkNet markets unashamedly facilitate the sale of items such as child pornography, drugs, weapons, stolen goods and assassination services. Cryptocurrencies such as Bitcoin are used as the method of payment because credit cards are not acceptable: they can be traced and transactions can be repudiated.
Corporate uses and risks
Some corporations are using the DarkNet as a safe way to communicate with employees in different locations and protect confidential business activities, relationships and databases from eavesdroppers. In certain respects, the anonymising software used to access the DarkNet may be used by a corporation in place of traditional VPN’s (Virtual Private Networks).
Traffic analysis of the surface net (internet surveillance) is a major reason why corporations (and individuals) are using Tor. Traffic analysis enables organisations or hackers to learn the behaviour and interests of subjects or groups, by following the source and destination of internet traffic. Tor and other DarkNet browsers seek to eliminate the risks of both simple and sophisticated traffic analysis by distributing transactions over several places on its network. No matter where information may be intercepted, an accurate link to a subject’s destination is virtually impossible to obtain.
What may not always be considered is that employees may be using the DarkNet to distribute information and conceal their communications. A disgruntled employee could distribute secret trade information of their employer, without the employer having any way of tracing the perpetrator. As an article in the New York Times put it “when a communication arrives from Tor, you can never know where or whom it’s from.” (New York Times Magazine, 17 December 2010). This is a risk which is potentially unknown, or at least misunderstood, by most organisations.
Internet surveillance of the surface net is pervasive, and may limit corporate and individual ability to communicate privately and safely online.
Trends in internet surveillance and hacking technology also threaten national security and infrastructure by making communication among governments, organizations, corporations and individuals vulnerable to interception and analysis.
The usefulness of the DarkNet to individuals, corporates and governments for lawful, private and secure communications is obvious, but its very secrecy lends itself to abuse by criminals. At present there is no reliable way of allowing the DarkNet to be used for good whilst barring its use for illegal purposes.
With credit to Daniel Chappel.