How to Sign In
Cengage Technology & Computing Blog
Showing results for 
Search instead for 
Did you mean: 
What is the Dark Web?

[Reading Time - 3 minutes 45 seconds]


Another day, another breach. This morning (Dec 6 2018) I received an email that an outside company used by our school had suffered a data breach. The names of school employees and their social security numbers were exposed. This is not the first time school employees have been the victim of a data breach.


And as is now typical when these breaches occur, employees are offered free "identity theft protection services." (I already have six of these free services due to past security breaches). Today's offering includes credit monitoring through 2023, a million-dollar insurance reimbursement policy, and "fully managed identity theft recovery services" (whatever that is).


In addition, this protection service also includes "cyberscan dark web monitoring." The other free services I have also claim that they continuously scan the "dark web" in order to identity if my data is being used by attackers.


But what exactly is the "dark web"?


How are these services scanning for my data? And does this really provide added protection?


By definition the Internet is an international network of computer networks that connects billions of devices together. The World Wide Web, or just "web," is a means for access information over the Internet. It is one of several different ways (think of email and FTP as other means) but the web is the most common and easiest to use. The web is accessible to anyone with a device that has a web browser. Information can be located by entering the address (URL) of the site that contains the information (like; if you don't know where the information is located, you can also search for it by entering the search criteria into a search engine (like Google) that continuously searches the web for content and then indexes what it finds. Search engines use web crawlers that follow hyperlinks through known protocol port numbers. Pretty simple.


But actually, there is much more to it than that.


Some web sites do not want their content to be discovered and indexed by search engines. For example, a website that contains private databases of user information may not want that information searchable by a search engine. In order to prevent their information from being found by search engine web crawlers a site's webmaster can take different steps to prevent it from being discovered.:


  • A site that requires a username and password can block a web crawler.
  • A site may use the robots exclusion standard that communicates with the web crawler and tells it which areas should not be scanned.
  • A site can also use CAPTCHAs to prevent scanning.

We might think of these sites as another "level" of the web. Web sites that cannot be discovered by a search engine's web crawler make up what is called the "deep web." In contrast, sites that can be discovered are called the "surface web."


But there is even another "level" of the web. It's called the "dark web."


The dark web is most often associated with criminal activity in which you can buy stolen credit card numbers, order drugs or guns, or trade tips with other attackers. And by some estimates almost two-thirds of all dark web sites are involved in some type of illegal activity.


But getting to the dark web and viewing its contents is not as easy as opening a web browser and using a dark web search engine.



First, to get to the dark web you must use an anonymizing browser called Tor. The Tor browser routes your web page requests through a series of proxy servers operated by thousands of world-wide volunteers. This prevents your device's IP address be being traced back to you.


Second, although there are some dark web search engines they are nothing like Google. The dark web search engines are clunky and notoriously inaccurate. One reason is because merchants who buy and sell stolen card numbers or sell drugs are constantly on the run and their dark web sites appear and then suddenly disappear with no warning. Third, dark web sites use a naming structure that results in dark web site URLs looking like "p6f47s5p3dq3qkd.onion." All of these are hurdles to keep out anyone who does not understand these inner workings.


So, does "cyberscan dark web monitoring" actually work by these protection services to determine if my stolen information is on the dark web?


Considering that the dark web cannot easily be searched using standard web browsers, the claims by protection services to perform "cyberscan dark web monitoring" should be considered as questionable. One service claims that they monitor "Internet forums and websites, web pages, IRC channels, refined PII search engine queries, Twitter feeds, P2P sources, hidden and anonymous web services, malware samples, botnets, and torrent sources." Of all those listed only the last ("torrent sources") could be called a dark web site; the others could indeed be part of the surface web and more easily monitored for suspicious activity.


It's important to remember that there are risks associated with using these services. One services automatically scans for email addresses and social security numbers, and then gives the option to scan for phone numbers, credit/debit cards, bank accounts, driver license numbers, passports, and medical identification. But if I give all this information to the service, what if they are then hacked? (It's already happened before). Thus, the very information that you want protected then becomes part of a data breach, and you are worse off than when you started.


So, should you use one of these identity theft protection services if they really cannot scan the dark web and if they could be the victims of attacks? You will have to decide for yourself if the advantages outweigh the risks. But just remember that the claim of scanning the "dark web" for your information is questionable at best.

Professor Ciampa is the author of several texts on Security Awareness and Network Security. These texts are available within MindTap as well. Login into MindTap here. MindTap is available to your students as part of Cengage Unlimited.


Fascinating post Mark.  People have been asking me what the "Dark Web" is and I didn't really have a grasp on it until now.  I've noticed that the phrase "dark web" is showing up in movies and tv crime shows, etc.


Here's my question: I Keep a VPN running when I browse the web (recently bought a subscription to PrivateVPN) - won't this be just as good as these "identity theft protection services"?


Hi, Michael:


Thanks. Yes, also I keep seeing the "Dark Web" coming up more frequently on TV and the movies.  But don't even get me started on how almost all of these shows mangle computer security by making it seem so easy!


Regarding your question on VPN, it's an excellent defense when we are protecting our data while it's in transit. But that only applies to me protecting my data while it's on the move. A VPN will not protect my data that another organization has, and a VPN doesn't protect my data while it's "at rest" on my computer.  So, using a VPN is important but it still only provides a limited degree of overall protection.





Good post. I have been using TOR for a bit and  your information is correct. The URLs really do not translate into what most users would call it.

The surface web, the deep web, and the dark web are terms that I have been aware of, but not many people outside. Great post.


   Thanks.  As you pointed out, the dark web is very different than what we are used to seeing.



Valued Contributor

Besides a VPN, will browsing in private browser mode help protect the transfer of your data...I've heard of TOR...sounds like the browser to use.


Hi, Mike:


   Using a VPN will help prevent someone from eavesropping in on your communication.  Browsing in private browser mode will only prevent cookies, your browsing history, and other identifying information from being stored on your local computer; it's more of a privacy protection.  While the TOR browser likewise deletes privacy data when it's closed, a TOR browser will automatically launch a TOR process and route traffic through the TOR network.  So, unless you're planning to access the TOR network you'll probably not want to use a TOR browser.




Thanks for always sharing your great cyber security knowledge with us Mark! 


I have also been playing with the browser Oracle. It is a private browser, but it does have a built in VPN.  TOR and browsers that include a VPN is a good thing.


Outstanding write-up Mark. How are you? This is going to make a great topic for my Security + class this winter. Our students derive so much from watching TV and what they see on the Internet. I agree with you, the shows do a terrible job showing just "how easy" NOT it is to discover a threat and protect a network. They love to pull up Kali, or Wireshark and seem completely knowledgeable on those. Speaking of becoming victim, where I teach was also victim to a virus outbreak in December. It started by someone that had admin rights on their PC opening up an email that contained an attachment. This virus morphed into a worm and that's the end of the story. Network had to be shut down to prevent further spread of the infection. 


Hi, Mark:


   Thanks; it's great to hear from you.  Glad to know that this is some material you can use in your class.  And sorry to hear of your school becoming a victim of an attack!



I learned a few things from this article. I don't think I could have articulated what the dark web was before reading this. It's intriguing enough to go poking around in the dark web, but I spend enough time going down internet rabbit holes. All I need is more of them!
Frequent Commenter

Thanks for this - interesting and informative! I knew it was out there but not sure I could have given much detail... it's kinda alarming, but good to stay informed 

Valued Contributor

Great post! Enjoyed reading it, especially since my research focuses on security and biometrics. I learned a lot and hope to do some more reading and research on this critically important topic today.