We have this notion that all the bad stuff on the internet takes place in a dark room. You probably picture some faceless guy in a hoodie hunched over his computer screen, discreetly but effectively wreaking havoc on the world.
That, ladies and gentlemen, is from watching far too much made-for-TV police dramas. The truth is, the "bad guy" isn't usually just one person. It's more likely a group activity. Consider it a mafia of digital hackers working to get their hands on top dollar information.
Beyond Chrome and Internet Explorer -- a.k.a. the "regular web" or indexed web's -- search engine capabilities, there is the Deep or Dark Web. Let's explore how it works and get to the bottom of how it affects small businesses.
Deep Web or Dark Web are often used mutually as a term that defines all the web pages that regular search engines cannot find. For clarity, the Deep Web refers to the pages you can't find on Google, while the Dark Web is referenced as pages where illegal activity happens on the unindexed web.
What is the Deep Web?
According to TechAdvisor – "The [Deep] Web is a term that refers specifically to a collection of websites that exist on an encrypted network and cannot be found by using traditional search engines or visited by using conventional browsers."
Breaking it down into simple terms, the regular web only makes up about 10% of the entirety of the Internet. If the Internet didn't already feel massive enough, the web, according to your favorite search engine, is only the tip of the iceberg.
Brian Modrak, Service Delivery Manager at Accent Computer Solutions, Inc., broke down what the Deep Web is:
"Well, the Deep Web is simply a bunch of servers around the world that are linked together. They allow people to access information privately. These servers and data sources are not indexed by any search engine so that you won't find them through Google or a Bing search."
The Dark Web is advertised so well that it is set up to look like a privacy haven. It tricks you into thinking it is a better way to surf the internet. Upon first hearing about it, my first response was: Great! Now airlines can't track my every move. I'll be able to find the best deals on airline tickets without bothering to open websites incognito. I won't see ad placements anymore. So long Google, no more stalking me!
Brian quickly explained to me that this is what these private web browsers want you to think.
"The two main browsers market the Deep Web as a safe place to communicate with your family and friends without anyone tracking your internet preferences. From that level, it is true; no one can track you. Accessing the Deep Web and its browsers – there is nothing illegal about that. The problem with these sources isn't that they are private, but what comes along with their privacy. Because traffic, communication, and content are all hidden, private, and secret, it also tends to become a common ground for criminals and illegal activity."
Brian went into further detail about why criminals can easily sell drugs, weapons, or even videography of a disturbing type on the Dark Web without being caught:
"The traffic is routed to private servers that aren't indexed on the public internet. Meaning they can't be found on Google. Typically, you will see that traffic is rerouted through 3-to-6 different servers spread throughout the world. So, your traffic goes from here in California to maybe Seattle, then over to China, then Russia, then back to Germany. Making it almost impossible to track."
How to Keep Your Business Safe
Ever wonder where spyware and malware come from? Ever wonder why it has infected your system? According to Small Business Trends, 60% of small businesses go out of business within six months after a cyber-attack. What starts on the Dark Web always finds its way to you, on your browser.
The Deep Web runs like a business. People have lists of information, and other people buy those lists using untraceable money called Bitcoin. They buy things like email lists, bank account information lists, client lists, credit card numbers, debit plus pin numbers, etc. – basically, if you need information about anything, someone has it and is willing to sell it to you.
People use this information to hack their way into things associated with you, commonly referred to as identity theft, or to make fraudulent charges. It's very simple for them once they have all the right information. They create all kinds of fake emails or PDFs to get you hooked, and by the time you realize it's a scam, it's too late.
From the outside looking in, it's easy to say, "I don't use any private web browsers, nor do I allow anyone in my business to, so I am safe, and this doesn't affect me." – This is the wrong outlook, but I'll admit it was also my first assumption.
So, how does this "other" web, or bottom half of the iceberg even affect business? Brian explains:
"Small business accounting departments are especially at risk. Hackers buy a list of verified emails, knowing who your small businesses work with. The emails look like bank information or details of an invoice you have sent to clients. If you invoice your clients monthly, these emails look legitimate. The accounting department is trying to process a lot of information at once and happens to open that one email that has a skewed email address upon further review. They open the PDF attachment that claims to show a charge dispute, and just like that, you are infected. -- I've seen this done as a live demonstration. It takes less than 2 seconds from the time that the attachment is opened to when the first files are infected."
You see, it's not a lone ranger in the basement trying to make friends. It's a network of people targeting anyone they can. How does your company keep its records safe? Are credit card numbers and banking information secure? Would it be easy for someone to steal verified information from your company? This is a great time to talk to your IT service provider about how to keep your information as safe as possible to avoid breaches from hackers on the Deep Web.
Tech Minute
Down to the minute with the latest news in the world of IT.