This article was originally published August 6, 2024
To many, the dark web is a mysterious destination known for being frequented by criminals and hackers. There are many different interpretations of what exactly goes on in this siloed part of the greater World Wide Web, which explains why it is considered a place filled with unknowns. In many cases, to truly understand something, you need to understand its history and what unfolded to bring it to its current position. Just as we once explored the Evolution of Security Awareness Training last month, here’s a brief history of the dark web.
What is the Dark Web?
The dark web is a hidden part of the Internet that consists of anonymous websites and services, which cannot be accessed through common search engines like Google or Bing, or standard web browsers, such Chrome, Edge, Safari or Firefox. Instead, it requires a special service known as Tor (“The Onion Router”), designed to ensure the anonymity and privacy of its users by keeping IP addresses hidden. However, in response to increased scrutiny by law enforcement throughout the late 2010’s to 2020’s, many cybercriminals have begun leveraging encrypted messaging applications like Telegram as well as a Tor browser to communicate more discreetly.
Transactions on the dark web often utilize cryptocurrencies like Bitcoin or newer “privacy coins” like Monero to maintain user anonymity and facilitate untraceable exchanges.. Despite its potential for legitimate use, such as bypassing censorship or ensuring secure communications for whistleblowers, the dark web is also notorious for being a hub of illegal activities. Law enforcement and cybersecurity experts continuously monitor this realm to detect and combat crimes, ranging from the sale of illicit drugs and weapons to cybercrime and the trafficking of stolen data.
A Brief History of Dark Web Crime
The Darknet Foundation (1960’s – 1970’s): The U.S. Department of Defense launched the Advanced Research Projects Agency Network (ARPANET) project to decentralize communications in case of widespread disruptions. This later led to the creation of the first “darknet,” which was originally a network that could receive messages from ARPANET but was programmed not to automatically respond, relying on remaining isolated and hidden to ensure security.
In the Beginning (1990’s): The formation of the current dark web’s origins trace back to the 1990s with the creation of Onion Routing by the U.S. government, a technology designed to protect intelligence communications and whistleblowers. During this period, phishing tactics also emerged in AOL chatrooms, where users generated random credit card numbers to create phony AOL accounts and spam the community.
The Rise of Tor (2000’s): The early 2000s saw the development of the Tor Project, which was built on Onion Routing principles to facilitate anonymous communication on the dark web. Notably, in 2003, the Mimail virus targeted PayPal users through phishing emails, tricking them into divulging their credentials.
(Cyber) Crime Marketplace (2010’s): The dark web gained significant notoriety in February 2011 with the creation of the Silk Road by Ross Ulbricht, a marketplace for illegal drugs using Tor and Bitcoin. By June 2011, the Silk Road had attracted substantial attention from law enforcement, leading to its shutdown in 2013 and Ulbricht’s arrest and sentencing in 2015 to two life terms plus 40 years. Despite law enforcement efforts, new illegal dark marketplaces continually emerge. During this time, hackers began to use the dark web as a medium for identity theft – placing usernames and passwords obtained from mass security breaches up for sale.
Phishing Hub (2020’s): The dark web remains a hub for both legal and illegal anonymous activities, including the buying and selling of Personally-Identifiable Information (PII). As of 2022, over 24 billion usernames and passwords are available on the dark web. Experts don’t predict this trend will change any time soon. Additionally, hackers are now selling exploit kits on the dark web, which allow the buyer access to a toolkit designed to automatically target and exploit known vulnerabilities in:
- Web browsers
- Plugins
- All kinds of software applications
Law Enforcement Crackdowns and AI (mid-2020’s and Beyond): Throughout 2024, a shift in strategy by law enforcement agencies from the U.S. and throughout Europe culminated in several successive takedowns of major cybercriminal groups that operated on dark web marketplaces. Additionally, actions by inside actors also exposed the data and cryptocurrency wallets of some of the same groups; one example was when BreachForums’ administrator accounts were published online by an individual claiming to be their mentor, ostensibly out of a sense of patriotism for cyber attacks against France. However, despite this, cybercrime still continues on the dark web, with new AI-powered tools now making their way into marketplaces online.
How Does Data Get on the Dark Web?
The dark web is certainly a useful tool for bypassing censorship, accessing niche content, and secure communications. However, it is also closely associated with illegal activities such as drug and weapon trafficking, cybercrime, and the sale of stolen data. That begs the question, how does your information end up on the dark web?
Hackers often employ well-thought-out strategies, including phishing, malware, insecure networks, exploits, and keylogging, to obtain passwords and other sensitive information, which then end up on the dark web. When your information gets placed on the dark web, it can lead to a series of dangerous and potentially damaging consequences:
- Identity Theft: Cybercriminals can use your personal information to open credit accounts, take out loans, or commit other forms of fraud in your name.
- Financial Fraud: Hackers may access your bank accounts, credit cards, or online payment services to steal money directly.
- Credential Stuffing: Attackers use your stolen usernames and passwords to gain access to other accounts where you might use the same credentials.
- Phishing and Scams: Your information can be used to craft more convincing phishing emails or scam attempts, targeting you or others.
- Blackmail and Extortion: Criminals may threaten to release sensitive information unless a ransom is paid.
- Reputation Damage: Personal details can be used to tarnish your reputation or release embarrassing information.
Dark Web Monitoring Service with SWK
SWK offers Dark Web Monitoring services to help uncover and mitigate cyber-attacks using stolen email addresses and passwords. By monitoring domains, IP addresses and channels frequently used by malicious actors, SWK can track leaked data, identify where it has ended up and determine who may be using it to breach systems. Leveraging a combination of human and artificial intelligence, SWK scours botnets, chatrooms, blogs, bulletin boards and hacker websites.
The scope of this monitoring extends across multiple distinct internet relay chatroom channels, private websites and social media feeds, with over 10,000 refined queries executed daily. Scanning is conducted based on a company’s domain name, covering every associated email address within the organization, as well as up to five personal email addresses per account.
When exposed credentials are identified, the resulting reports detail every recorded breach — including the breach type, date and the method used to capture the data. Those methods can range from keylogging and phishing to third-party data breaches, accidental exposure and peer-to-peer file leaks. This level of detail allows your business to assess the severity of each exposure and respond accordingly, rather than treating all incidents as equal risk.
Learn More About SWK’s Dark Web Monitoring
SWK has a team of cybersecurity experts who monitor the dark web, tracking exposed credentials and the criminal channels where stolen data changes hands. This lets you focus on your day-to-day business operations and get what matters most accomplished.
Contact SWK today for a free dark web scan and a conversation with our team about what your results mean and how to act on them.