If you've never heard of the "deep web," there's a good chance you'll never come across it. But it's growing in size and popularity, for both good and nefarious uses.
A new report from security firm Trend Micro takes a look at the state of the "deep web," the part of the internet that isn't indexed or normally visible or accessible from search engines. This also includes the "dark web," which can only be accessed through certain anonymity tools and services, like the Tor browser.
The deep and dark web have come under great interest and scrutiny in recent months following the trial of Ross Ulbricht, who was charged and convicted of running one of the dark web's largest and most popular underground marketplaces, dubbed Silk Road. But what it is and how it works remains a mystery to most people -- likely because for most there's no need to go there. Granted, a good portion of the report reads like plain-old fearmongering, and suggests that most people who use it or access it are doing it for illicit purposes. But there are some interesting nuggets in it, too.
Here are the choice highlights:
1. The deep web is huge, and nobody can see all of it. It's not possible to determine exactly how many deep web pages there are at any given time, or to provide a comprehensive picture of everything in it because of the very stealthy nature of certain parts of the dark web. "No one can say with certainty that they've fully explored its depths," the report says. It's also a rapidly changing landscape based on the comings and goings of new services and marketplaces.
2. Good people use the deep and dark web, too. Many use it to buy drugs and other illegal items from seemingly untraceable sites. But it's also used by people who "want to remain anonymous or set up sites that can't be traced back to a physical location or entity." That includes people who need to protect their identity and communications from state and private surveillance, like whistleblowers and journalists. The report also notes that "dissidents in restrictive regimes may need anonymity and security in order to safely let the world know what's happening in their country."
3. Most of the drug-seekers are just after plain old pot. The top fifteen marketplaces showed that lighter drugs, such as cannabis, were the most sought after than any other narcotic. Though harder drugs are generally available, buying video games and stolen user accounts are also high up on the list of purchased items.
4. You name it, you can (probably) get it. The report notes that a cybercriminal underground "definitely operates" in the deep web, claiming to offer fake citizenship documents and passports, and other "professional services," like assassinations. (The report also fairly notes that it "can't fully vouch for the authenticity of the goods and services... except for the fact that the sites advertising them do exist and account for the different transactions that go on in the deep web.")
6. The deep web can host command-and-control infrastructure for malware. The hidden nature of Tor and other services means it's easy to host and hide malware controlling servers on the deep web. One example is the Cryptolocker malware, which encrypts victims' documents for ransom. The report says the malware is smart enough to automatically adjust the price and language depending on where the victim is in the world.
7. Seizing criminal marketplaces doesn't do much. The report says there are "not particularly lasting or impactful solutions against the drug trade," as when one marketplace falls another one opens. There are a number of high-profile online outlets for drugs and other services that have been active as long as (and in some cases longer than) Silk Road.