Category: Analysis

The dark web is a small, less accessible part of the deep web, and makes up a tiny portion of the World Wide Web. To access the dark web, users need to install a private browser like Tor, use a Virtual Private Network (VPN), and use search engines designed to find hidden sites. And since users cannot be tracked or monitored, the dark web is often used for illegal purposes.

“There’s a compounding and unravelling chaos that is perpetually in motion in the dark web’s toxic underbelly,” says James Scott, Senior Fellow, Institute for Critical Infrastructure Technology.

The dark web refers to a hidden part of the internet not indexed by regular search engines and requires specialised browsers like Tor to access. It hosts both legal and illegal activities, offering anonymity but also posing risks like scams and illicit content.

The Internet is vast, comprising millions of web pages, databases, and servers that operate 24 hours a day. However, the portion known as the ‘visible’ Internet—also referred to as the surface web or open web— consists of sites that can be accessed through search engines like Google and Yahoo. This represents only the tip of the iceberg.

There are several terms surrounding the non-visible Web, but it is worth knowing how they differ if you are planning to browse off the beaten path.

The Surface Web or Open Web

The open web, or surface web, is the visible surface layer. If we continue to visualise the entire web like an iceberg, the open web would be the top portion above the water. From a statistical standpoint, this collective of websites and data make up under 5% of the total internet.

All commonly public-facing websites accessed via traditional browsers like Google Chrome, Internet Explorer, and Firefox are contained here. Websites are usually labelled with registry operators like ‘.com’ and ‘.org’ and can be easily located with popular search engines.

Locating surface web websites is possible because search engines can index the web via visible links (a process called ‘crawling’ due to the search engine travelling the web like a spider).

The Deep Web

The deep web lies beneath the surface web and makes up approximately 90% of all websites. It can be compared to an iceberg, with the bulk hidden below the water’s surface and much larger than what is visible above. This hidden web is so vast that it’s impossible to determine exactly how many pages or websites are active at any given moment.

Carrying on with the analogy, big search engines could be considered

like fishing boats that can only ‘catch’ websites close to the surface. Everything else, from academic journals to private databases and more illicit content, is out of reach. This deep web also includes the portion that we know as the dark web.

While many news outlets use ‘deep web’ and ‘dark web’ interchangeably, much of the deep portion is perfectly legal and safe. Some of the largest parts of the deep web include:

• Databases: Public and privately protected file collections that are not connected to other areas of the web, only to be searched within the database itself.
• Intranets: Internal networks for enterprises, governments, and educational facilities used to communicate and control aspects privately within their organisations.

If you are wondering how to access the deep web, chances are you already use it daily. The term ‘deep web’ refers to all web pages that are unidentifiable by search engines. Deep websites may be concealed behind passwords or other security walls, while others tell search engines not to ‘crawl’ them. Without visible links, these pages are hidden for various reasons.

On the larger deep web, its hidden content is generally cleaner and safer. Everything from blog posts in-review and pending web page redesigns, to the pages you access when you bank online, are part of the deep web. Furthermore, these pose no threat to your computer or safety at large. Most of these pages are kept hidden from the open web to protect user information and privacy, such as:

• Financial accounts like banking and retirement
• E-mail and social messaging accounts
• Private enterprise databases
• HIPPA sensitive information like medical documentation
• Legal files

Exploring the deep web can present significant dangers. However, for some users, certain areas of the deep web provide a means to bypass local restrictions and access television or movie services that may not be available in their region. Others go somewhat deeper to download pirated music or steal movies that are not yet in theatres.

At the dark end of the web, you will find the more hazardous content and activity. Tor websites are located at this far end of the deep web, which are deemed the ‘dark web’ and are only accessible by an anonymous browser.

Deep web safety is more relevant to the average internet user than dark web safety, as you could end up in dangerous areas by accident: many portions of the deep web can still be accessed in normal internet browsers. This is how users can travel through enough tangential pathways and end up on a piracy site, a politically radical forum, or viewing disturbingly violent content.

The Dark Web

The dark web refers to sites that are not indexed and only accessible via specialised web browsers. Significantly smaller than the tiny surface web, the dark web is considered a part of the deep web. Using our ocean and iceberg visual, the dark web would be the bottom tip of the submerged iceberg.

The dark web, however, is a very concealed portion of the deep web that few will ever interact with or even see. In other words, the deep web covers everything under the surface that is still accessible with the right software, including the dark web.

Breaking down the construction of the dark web reveals a few key layers that make it an anonymous haven:

• No webpage indexing by surface web search engines. Google and other popular search tools cannot discover or display results for pages within the dark web.
• Virtual traffic tunnels via a randomised network infrastructure.
• Inaccessible by traditional browsers due to its unique registry operator. Also, it is further hidden by various network security measures like firewalls and encryption.

The reputation of the dark web has often been linked to criminal intent or illegal content, and ‘trading’ sites where users can purchase illicit goods or services. However, legal parties have made use of this framework as well.

When it comes to dark web safety, deep web dangers are very different from dark web dangers. Illegal cyber activity cannot necessarily be stumbled upon easily but tends to be much more extreme and threatening if you do seek it out. Before we unpack the dark web’s threats, let us explore how and why users access these sites.

How to Access the Dark Web

The dark web was once the province of hackers, law enforcement officers, and cybercriminals. However, new technology like encryption and the anonymisation browser software, Tor, now makes it possible for anyone to dive dark if they are interested.

Tor (The Onion Routing) network browser allows users to access websites with the ‘Onion’ domain. This browser is a service originally developed in the latter part of the 1990s by the United States Naval Research Laboratory.

Understanding that the nature of the internet meant a lack of privacy, an early version of Tor was created to hide spy communications. Eventually, the framework was repurposed and has since been made public in the form of the browser we know today. Anyone can download it free of charge.

Think of Tor as a web browser like Google Chrome or Firefox. Notably, instead of taking the most direct route between your computer and the deep parts of the web, the Tor browser uses a random path of encrypted servers known as nodes. This allows users to connect to the deep web without fear of their actions being tracked or their browser history being exposed.

Sites on the deep web also use Tor (or similar software such as I2P, the ‘Invisible Internet Project’) to remain anonymous, meaning you will not be able to find out who is running them or where they’re being hosted.

Is it illegal to go on the dark web?

In simple terms, it is not illegal to access the dark web. Some uses are perfectly legal and support the value of the dark web. On the dark web, users can seek out three clear benefits from its use:

• User anonymity
• Virtually untraceable services and sites
• Ability to take illegal actions for both users and providers

As such, the dark web has attracted many parties who would otherwise be endangered by revealing their identities online. Abuse and persecution victims, whistleblowers, and political dissidents have been frequent users of these hidden sites. But of course, these benefits can be easily extended to those who want to act outside the constraints of laws in other explicitly illegal ways.

When viewed through this lens, the dark web’s legality is based on how you as a user engage with it. You might fall to the wayside of legal lines for many reasons that are important for the protection of freedom. Others may act in ways that are illegal for the protection and safety of others. Let us unpack these concepts of the ‘dark web browser’ and the websites themselves.

Is ‘Tor’ Illegal to Use?

On the software end, Tor and other anonymised browsers are not strictly illegal. These supposedly dark web browsers are not tethered exclusively to this portion of the internet. Many users now leverage Tor to browse the public Internet and the deeper parts of the web privately.

The privacy offered by the Tor browser is important in the current digital age. Corporations and governing bodies alike currently participate in unauthorised surveillance of online activity. Some do not want government agencies or Internet Service Providers (ISPs) to know what they are looking at online, while others have little choice. Users in countries with strict access and user laws are often prevented from accessing even public sites unless they use Tor clients and virtual private networks (VPNs).

However, you can still take illegal actions within Tor that could incriminate you regardless of the browser’s legality. You could easily use Tor in an attempt to pirate copyrighted content from the deep web, share illegal pornography, or engage in cyber terrorism. Using a legal browser will not make your actions fall to the right side of the law.

Are Sites on the Dark Web Illegal to Use and Visit?

On the network end, the dark web is a bit more of a grey area. The use of the dark web usually means that you are attempting to engage in an activity that you could not otherwise carry out in the public eye.

Government critics and outspoken advocates fear backlash if their real identities are discovered. Those who have endured harm at the hands of others may not want their attackers to discover their conversations about the event. If an activity is deemed illegal by the governing bodies you fall under, it would be unlawful.

While anonymity has its benefits, it also has a darker side. Criminals and malicious hackers often prefer to operate in secrecy. For instance, cyberattacks and trafficking are activities that those involved know are illegal and could lead to severe consequences. Consequently, they turn to the dark web to conceal their actions.

Browsing the dark web is not illegal, but it can pose certain risks. While not illegal, there are many areas on the dark web where unsavoury activities take place, which can expose inexperienced users to unnecessary dangers. It is important to exercise caution or have the knowledge and skills necessary to navigate its threats. So, what are the primary uses of the dark web when it comes to illegal activities?

Types of Threats on the Dark Web

If you are considering using the dark web for basic privacy purposes, you might still question: Is the dark web dangerous to use?

Unfortunately, it can be a dangerous place to be. Below are some common threats you may face during your browsing experiences:

Malicious Software

Malicious software — i.e. malware — is fully alive all across the dark web. It is often offered in some portals to give threat actors the tools for cyber attacks. However, it also lingers all across the dark web to infect unsuspecting users just like it does on the rest of the web.

The dark web does not carry as many social contracts that website providers follow to protect users on the rest of the web. As such, users can find themselves regularly exposed to some types of malware like:

• Keyloggers
• Botnet malware
• Ransomware
• Phishing malware

If you choose to pursue exploring any sites on the dark web, you put yourself at risk of being singled out and targeted for hacks and more. Most malware infections can be caught by your endpoint security programmes.

The threats of online browsing can extend into the unplugged world if your computer or network connection can be exploited. Anonymity is powerful with Tor and the framework of the dark web, but it is not infallible. Any online activity can carry breadcrumbs to your identity if someone digs far enough.

Government Monitoring

With many Tor-based sites being overtaken by police authorities across the globe, there is a clear danger of becoming a government target for simply visiting a dark website.

Illegal drug marketplaces like the Silk Road have been hijacked for police surveillance in the past. Utilising custom software to infiltrate and analyse activity has allowed law officials to discover the user identities of patrons and bystanders alike. Even if you never make a purchase, you could be watched and incriminate yourself for other activities later in life.

Infiltrations can put you at risk of monitoring for other types of activity as well. Evading government restrictions to explore new political ideologies can be an imprisonable offence in some countries. China uses what is known as the ‘Great Firewall’ to limit access to popular sites for this exact reason. The risk of being a visitor to this content could lead to being placed on a watchlist or immediate targeting for a jail sentence.

Scams

Some alleged services like professional hitmen may be scams designed to profit from willing customers. Reports have suggested the dark web offers many illegal services – from paid assassinations to trafficking for sex and weapons.

Some of these are well-known, established threats that circulate in this nook of the web. However, others may take advantage of the dark web’s reputation to trick users out of large sums of money. Also, some users on the dark web may attempt phishing scams to steal your identity or personal information for extortion.

End-user Protection Against Exploitation by the Dark Web

Regardless of being a business, parent, or any other web user, you ought to take precautions to keep your information and private life off the dark web.

Identity theft monitoring is critical to keep your private information from being misused. All types of personal data can be distributed online for a profit. Passwords, physical addresses, bank account numbers, and social security numbers circulate on the dark web. You may already be aware that malicious actors can use these to harm your credit, engage in financial theft, and breach your other online accounts. Leaks of personal data can also damage your reputation via social fraud.

Antimalware and antivirus protections are equally crucial to prevent malicious actors from exploiting you. The dark web is filled with information theft from malware-infected users. Attackers can use tools like keyloggers to gather your data, and they can infiltrate your system on any part of the web. Endpoint security programmes like Kaspersky Security Cloud are comprehensive to cover both identity monitoring and antivirus defences.

How to Access the Dark Web Safely

If you have a legitimate or viable need to access the dark web, you will want to ensure you stay safe if you decide to use it.

Seven Tips for Safe Access to the Dark Web

1. Trust your intuition. To avoid being scammed, you will want to protect yourself with smart behaviour on the web. Not everyone is who they seem. Staying safe requires being careful who you talk to and where you visit. You should always take action to remove yourself from a situation if something does not feel right.
2. Detach your online persona from real life. Your username, email address, real name, password, and credit card should never be used anywhere else in your life. Create brand-new throwaway accounts and identifiers for yourself if necessary. Acquire prepaid, unidentifiable debit cards before making any purchases. Do not use anything that could be used to identify you — whether online or in real life.
3. Employ active monitoring of identity and financial theft. Many online security services now offer identity protection for your safety. Be sure to use these tools if they are available.
4. Explicitly avoid dark web file downloads. Fear of malware infection is significantly higher in the lawless territory of the dark web. Real-time file scanning from an antivirus programme can help you check incoming files in case you download them.
5. Disable ActiveX and Java in any available network settings. These frameworks are notorious for being probed and exploited by malicious parties. Since you are travelling through a network filled with said threats, you will want to avoid this risk.
6. Use a secondary non-admin local user account for all daily activities. The native account on most computers will have full administrative permissions by default. Most malware must take advantage of this to execute its functions. As such, you can slow or halt exploitation by limiting the account to strict privileges.
7. Always restrict access to your Tor-enabled device. Protect your children or other family members so they are not at risk of stumbling across something no one should see. Visit the deep web if you are interested, but do not let kids anywhere near it.

Chandan Pan is a Senior Architect in AI and Customer Decision Hub Unit at BPM MNC.

Data is the new oil in the digital economy, and the 21st century is now witnessing the power of Artificial Intelligence and Data Science as a tool in law enforcement in preventing and detecting cyber-crimes and policing systems.With the help of AI, it may be possible for a machine to act and behave like a human and learn from experiences of law and order. Today, AI is part of our day-to-day life. Starting from our small daily needs to organisations, AI is now being used inevery corner of our world, from automated driving of a car to generating code for software. As technology is evolving day to day, new methods and techniques are also being used by criminals in executing cyber offences. By recognising the patterns of digital footprints applied by the criminals, AI can detect a signal in identifying a digital threat in the policing system with the help of the following design:

With the need of the hour, law enforcing departments are also trying to explore latest AI-driven technology to prevent and detect crimes by data-driven approaches. This technology holds great promise to detect various types of crimes in the near future. These crimes pose personal, financial, and economic risk, which turns into complex challenges for law enforcement departments in investigation and prosecution. With the advent of AI, it can seamlessly increase the operational efficiency in the policing system by applying Intelligent Automation (IA), transforming data into insightful information, making decisions faster, and sometimes more accurately than humans.

Various milestones in AI can be useful in solving the complex problems in crime detection:

The advancement in data driven smart technologies has transformed the shape of criminal activities. Cybercrime comprise of many crimes, including various hacking techniques, frauds, online provocations, etc. The law enforcement department is using technologies to collect data from various digital channels like camara, microphones, social media monitoring for threats, security or violation of governance. AI and Deep Learning interpret, analyse and train itself from these varieties of data to identify ordinance violations or emerging threats. AI technologies such as Computer Vision, Image Processing, Facial and License Plate Reading, Speech Identification or Handwriting Recognition can help the police quickly and accurately identify individuals wanted for serious crimes, as well as missing vehicles or people.

One of the keys areas where AI is widely used is Human Behaviour Analysis. With the advent of big data technology and cloud repositories, AI can use vast amounts of human demographical, behavioural, transactional, and movements in social media to recognise patterns and anomalies, offering promising solutions to complex challenges beyond human capacity.

Harnessing the power of various statistical and mathematical algorithms, AI can read, process, analyse large volumes of unstructured datasets like social media posts, sms, network logs and texts from dark web forums to discover mysterious cyber connections and identify potential threats. This data science-driven strategy enables law enforcement to spotlight various stages of investigations, helps in resource allocation, and can predict various threats well in advance. It can, therefore, perform risk assessment and protect the society.

Traditional forensic framework sometimes involves manual investigation of digital footprints consuming considerable time and cost. Using the power of deep learning, digital forensic process can be accelerated in crime investigations to provide information for action.

Machine Learning (ML) helps in predictive policing where smart technology helps to forecast when and where a future crime will occur. Using criminology reports, predictions are made regarding when and by whom a crime may occur. ML also predicts the severity of the crime, enabling continuous monitoring of suspects’ networks and behaviours. For instance, one could forecast a significant rise in assaults and robberies in a specific area. Inputs may include types of locations or social circumstances, allowing for 24×7 system monitoring and the creation of a real-time risk score. For example, one might forecast an increase in residential burglaries along secluded bus routes on weekdays just after office hours, or one might forecast an increase in jewelry stores break-ins over the weekend or at certain time of the year. From such forecasts, security can be increased to prevent crime or apprehend criminals. AI also plays a key role in preventing and detecting malware, thereby strengthening software systems and reducing the risk of malware infections.

Text Analytics and Natural Language Processing (NLP), is a part of AI which can generate signals from unstructured text, like reports, WhatsApp messages, social media content, etc. It uses various algorithms to produce threat intelligence, read the sentiments and emotions of the user, and provide intent and summary of the text. Another application of text analytics is detection of fabrication in media news and identification of fake news.

Indeed, for over a century before the advent of AI, the police have been using their experience, hints from informants, complaints from the public, police craft lore, and amazingly, simple mapping procedures to do predictive policing. Thanks to increased data volumes, advanced algorithms, and improvements in computing power and storage, AI has elevated this capability to the next level. While the evidence of forecasting accuracy in predictive AI for policing systems can be inconsistent, AI-based tools make it easier to identify patterns and trends that might elude human detection. This enables law enforcement agencies to allocate resources more effectively and prevent crime. Similarly, AI can be utilised to identify individuals who may pose a risk to public safety.

The Singapore Civil Defence Force (SCDF) has recently implemented Unmanned Aerial Vehicles (UAVs) to help in smart observing activities in public spaces, such as complex rescue operations, surveilling monitoring areas, critical fire tracking, etc., by providing an intelligent bird’s-eye view of an operation. Various Internet of Things (IoT) devices with autonomous navigation and various mapping statistical and mathematical algorithms can enhance the capabilities of UAVs to improve the effectiveness of surveillance and response operations.

All technological advancements have their trade-offs, and predictive policing is no exception. The algorithms used may shift oversight concerns from police officers and their superiors to technical details of forecasting algorithms. Moreover, the data used to train algorithms can be flawed, as reported crimes may not always align with crimes committed, and reported crimes may be mischaracterised. The yardstick for forecasting accuracy is current practice, not perfection. The guiding question is whether predictive policing leads to improvements in accuracy beyond current procedures. While there have been some successes, there are no definitive conclusions yet.

Despite its numerous features and advantages, implementing AI in cybercrime detection and policing systems poses several challenges. One key challenge is the collection, storage, and preprocessing of raw data to remove noise for effective algorithm processing. Additionally, there may be biases in both the data and the algorithm, potentially leading to inaccurate predictions by the system and software.

We will conclude the topic although the ability of machine to think like human in analysing crime data, identify patterns of crimes, and proactive generate threat intelligence has been reformed in last one decade, but this is just the beginning. However, AI may not be able to fully replace humans’ existence in Law enforcement.By confirming transparent decision-making system, we should maximise the usage of implementing state-of-the-art AI in law enforcement system of our society with equality and integrity to avoid any adverse consequence. In conclusion, while machines have made significant strides in analysing crime data, identifying patterns, and generating proactive threat intelligence over the past decade, this is just the beginning. However, it is important to acknowledge that AI may not completely replace human involvement in law enforcement. By ensuring transparent decision-making systems, we can maximise the benefits of implementing state-of-the-art AI in our law enforcement systems with equality and integrity to avoid any potential adverse consequences.