Güvenlik

Introduction to Cybersecurity and Dark Web (Part 2)

Web and Its Levels

The term dark web is part of the WWW and known as invisible/hidden web. The content on the dark web remains hidden and cannot be searched through conventional search engines. The content only exists on personal encrypted networks or peer-to-peer configurations, and it is not indexed by typical search engines. Therefore, the large part of the internet that is inaccessible to conventional search engines is known as deep web (invisible web). Everyone who uses the web virtually visits what could be reflected as deep websites on a daily basis without being aware.

The deep web is the anonymous internet where it is much difficult for hackers, spies, or government agencies to track internet users and have a look on which websites they are using and what they are doing there.

Web Levels

There are various levels of deep web; for instance, the lower level (level 1) is generally comprised of the “open to public” part of the web, and the upper level (called level 5) is known as dark web which is not accessible by normal web browser and needs to get The Onion Router (Tor) network or some other private network. The following table gives a brief understanding of the level of dark web:

Level 1 Common web
Level 2 Surface Web Reddit Digg Temp email services
Level 3 Bergie Web Google locked results Honey ports Freehive, Bunny Tube, etc.
Level 4 Charter Web Hacking Groups Shelling Networking AI theorist Banned videos, books, etc.
Level 5 Onion sites Human trafficking, bounty hunters, rare animal trade Questionable materials Exploits, black markets, drugs

Web Categories

This section describes the three different levels of web such as the public web, the deep web, and the dark web.

Public web: It typically refers to the unencrypted or non-dark net. This traditional WWW has relatively low-base anonymity, with most websites routinely identifying users by their IP address.

Deep web: It refers to internet content that is not part of the surface web. This means that instead of being able to search for places, you have to visit those directly. They’re waiting if you have an address, but there aren’t directions to get there. The internet is too large for search engines to cover completely; thus, deep web is largely present. The deep web generally mentions the web pages which are invisible by traditional search engine.

Dark web: It is part of the WWW and part of the deep web which can only be accessible by specific software, configurations, or authorization, often using nonstandard communication protocols and ports. The Onion Router is used to access the dark website which is called Tor network.

The following figure shows the differences between deep web, dark web, and internet.

Dark Net

The term dark net is part of dark deep web, and it is a collection of networks and technologies used to share digital content. The dark net is hidden from the users who use to surf with normal or standard browser, and it is also hiding the web address and server locations. The following table shows the difference between surface web, deep web, dark web, and dark net.

  Surface Web Deep Web Dark Web Dark Net
Description Content that search engine can find Content that search engine cannot find Content that is hidden intentionally
Known as Visible web, indexed web, indexable web, lightnet Invisible web, hidden web, deep net Underbelly of internet
Constitutes Web Web Web Network
Contents Legal Legal + illegal Illegal Illegal
Information Found 4% 96%
Browser Google Chrome, Mozilla Firefox, Opera, etc. Tor Browser Freenet, Tor, GNUnet, I2P, OneSwarm, RetroShare

The Implication of the Dark Web Crime

Security in the dark web is crucial for building confidence and security in the use of information technologies so as to ensure trust by the information society. Lack of security in cyberspace undermines confidence in the information society. This is especially the case with many intrusions around the globe resulting in the stealing of money; assets; and sensitive military, commercial, and economic information. With information flowing through boundaries of different legal systems connected to different networks around the globe, there is a growing need to protect personal information, funds, and assets, as well as national security. As a result, cybersecurity is gaining interest by both the public as well as the private sectors.

With the emerging applications of computer and IT, cybercrime has become a significant challenge all over the world. Thousands of cybercriminals attempt every day to attack against computer systems to illegally access them through the internet. Hundreds of new computer viruses and spam are released every month in an attempt to damage computer systems, or steal or destroy their data. Such threats are expensive, not only in terms of quantity but also in terms of quality. In recent years, experts are becoming more concerned about protecting computer and communication systems from growing cyberattacks including deliberate attempts to access the computer systems by unauthorized persons with the goal of stealing crucial data; to make illegal financial transfers; to disrupt, damage, or manipulate data; or execute any other unlawful actions.

As computer security has advanced, maintaining network persistence has grown harder. As per Australian Cyber Security Centre (ACSC) report (ACSC, 2017, p. 28), the culture has adapted to this environment, focusing on low-risk, high-reward targets to achieve their goals, with a focus on the development of social engineering methodologies to implement new attacks.

Further to this, the ubiquitous nature of the internet has allowed these nefarious individuals to gain increasingly detailed profiles of individuals through exploitation and analysis of their digital footprints. This has resulted in higher rates of spear-phishing attacks, identity theft and fraud, and the development of highly specialized malware tools.

There are many risks and pitfalls in cybersecurity incident that can seriously affect computer and network systems. It can be due to improper cybersecurity controls, man-made or natural disasters, or malicious users. The following section mentions some major incidents in the cyberspace.

Ozkaya

Dr. Erdal Ozkaya is a leading Cybersecurity Professional with business development, management, and Academic skills who focuses on securing the Cyber Space & sharing his real-life skills as a Security Adviser, Speaker, Lecturer, and Author. Erdal is known to be passionate about reaching communities, and creating cyber aware campaigns and leveraging new and innovative approaches and technologies to holistically address the information security and privacy needs for every person and organization in the world. He has authored many cybersecurity books as well as security certification courseware and exams for different vendors. Erdal has the following qualifications: Doctor of Philosophy in Cybersecurity. Master of Computing Research, Master of Information Systems Security, Bachelor of Information Technology, Microsoft Certified Trainer, Microsoft Certified Learning Consultant, ISO27001 Auditor & Implementer, Certified Ethical Hacker (CEH), Certified Ethical Instructor & Licensed Penetration Tester. He is an award-winning technical expert & speaker: His recent awards are: CISO Top 50 Award by Security ME Adviser Magazine & Tahawultech.com (2020) Legend Cybersecurity Pro by GEC Media (2019) Hall of Fame, CISO Magazine(2019) Cybersecurity Influencer of the year (2019) , CISO Magazine Cyber Security Professional of the year MEA (2019) Microsoft Circle of Excellence Platinum Club (2017), NATO Center of Excellence (2016) Security Professional of the year by MEA Channel Magazine (2015), Professional of the year Sydney (2014) and many speakers of the year awards at conferences. He also holds Global Instructor of the year awards from EC Council & Microsoft as well as Logical Operations. Erdal is also a part-time lecturer at Australian Charles Sturt University Erdal’s Social Media Accounts to follow: Twitter: https://twitter.com/Erdal_Ozkaya LinkedIn https://www.linkedin.com/in/erdalozkaya/ FaceBook https://www.facebook.com/CyberSec.Advisor/ Instagram https://www.instagram.com/drerdalozkaya/ Amazon https://www.amazon.com/-/e/B0796D9KQ4 He has built and managed CEO IT from scratch into a multi-million dollars National Training & IT Solutions center. With the skills, he has gained, he has introduced & repeated the success with KEMP Technologies, where he was tasked to single-handedly manage the ANZ region and then build the business in the Asia Pacific region. From there he joined Secunia as CISO in Dubai and extended his experience in Middle East & Africa. Beginning of 2016 he joined Microsoft as a Cybersecurity Architect / Trusted Security advisor where he is responsible in the EMEA region. Erdal currently works at Standard Chartered Bank as Head of Infomation and Cyber Security in a Managing Director status.

İlgili Makaleler

Bir Yorum

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu