Digging into the Darknet: How to Spy on the Enemy

The darknet. It sounds rather ominous and it certainly conjures up images of underground criminal activity. But what exactly is this and is it as dark as you think? Or is there a way to use the Darknet for good instead of evil? Let’s delve in…

What is the Darknet?

The Darknet, also known as the dark web (but not to be confused with the deep web), is sort of like a hidden Internet under the Internet. It is often considered the criminal underworld of the web. Specific definitions vary, but think of it as the anonymous Internet. A Beginner's Guide to Exploring the Darknet explains that “within the darknet both Web surfers and website publishers are entirely anonymous. Whilst large government agencies are theoretically able to track some people within this anonymous space, it is very difficult, requires a huge amount of resources and isn't always successful.”

Who Uses the Darknet?

The architecture of the Darknet was originally developed by the military so that exact locations could be hidden. And while the military and government still use the Darknet, it is also an underworld playground of criminal activity and freedom fighters. It is used by journalists, whistle-blowers, revolutionaries, and others (including terrorists) whose occupation or activities require anonymity. But it is also a prime place for drug dealers, child pornographers and the like.

Getting to the Dark Side

The most common ways to access the Darknet is through The Onion Router (TOR), and The Freenet Project, although there are many other ways for the tech savvy to get there and newer entryways are on the horizon. These claim to offer anonymity and freedom of speech on the Internet. Due to the nature of the Darknet, the technology and sites can seem fairly primitive by today’s standards and not all programs are compatible—think early 90s Internet.

Once there you will find myriad sites—some innocuous, some unscrupulous. The positive is that police and government agencies can use these as a means to tracking and shutting down criminal behavior. The downside, and the whole point of the Darknet is that due to the anonymity, it is very difficult to target the origin of these sites.

What Can You Learn From Darknet

There are some who argue that this is not really a criminal underworld. There is an element of the darknet that is based on the premise of freedom and anonymity—an Internet where you can spout what you want without fear of being “outed” or protect your identity for various reasons. As with anything that is ungoverned, both are true.

So, what can analyst, security directors, and other cybersecurity professionals learn here? Just like anything else, spending time with someone or something is a great way to learn. So, take some time to browse it. There is not really an underworld Google, so searches can be tricky and unreliable; just be cautious clicking around as you never know what you might stumble upon: drugs, weapons, porn, terrorism. Accessing and exploring the dark web is really the only way to familiarize yourself with it. Discovering how people operate on the Darknet is a great way for you to get inside the heads of hackers. Why not start up a chat with someone and discuss cybersecurity? It might be a fellow security professional or a professional hacker—you might not know which—but this is an unorthodox way of exchanging and gathering information.

Try not to fear the Darknet and only think of it as the Internet for criminals. Look at it like an unconventional way to learn more about cybersecurity, hacking, and freedom of information.

Don't forget to register for the upcoming SANS Cyber Threat Intelligence Summit February 3-4, 2016 in Virginia. Register here!