The recent Optus data breach has brought the Dark Web back into the headlines, with reports those behind the data breach were attempting to sell the sensitive information there.
Create a free account to read this article
$0/
(min cost $0)
or signup to continue reading
It has been a daunting thought for the estimated 9.8 million Australians caught up in the breach, and an equal challenge for police searching for the culprit.
As experts scrutinise our privacy laws, law enforcement agencies seek further powers, and regular Australians become more cautious about who is collecting and sharing their data, we can be sure the term will continue to pop up in news feeds.
But what is the Dark Web and how worried should we be about it?
What is the Dark Web?
Most people are familiar with typing a '.com' into the address bar to get to get to their favourite sites or googling a recipe or the latest sports result. When we do this we are actually looking at the 'surface web'. This is less that 10 per cent of what makes up the entire internet.
Below this is the 'deep web'. Most simply, the deep web is the parts of the internet you and your search engine don't see. This isn't the dark web yet, it is just the information sitting behind companies and institutions. Think of all records and data held by banks, governments or universities. It also includes information stored on websites behind passwords, like our emails.
Then there is the dark web. The dark web was developed by the US Naval Research Laboratory in the '90s with the aim of protecting United States government and intelligence communications. 'The Onion Router', or Tor for short, is the original.
Unlike standard browsing, where your computer connects directly with a website to access data, Tor passes the information through multiple layers of other computers. This works to hide who you are, where you are and what data you've been accessing or sharing.
You can't see dark web sites on a standard web browser though, this is what allows for anonymity. To get to the sites, you need a specific programs - tor browsers. On Tor, you use a '.onion' address to get to a site. While the image of someone sitting in a basement surrounded by computer servers may come to mind, you can even access the dark web through an app on a phone.
So how did a U.S. government-backed network become a hotspot for questionable activity? They faced a simple problem: you can't hide who is an intelligence officer if they are the only ones using it. They released it to the public. The U.S. government remains a large funder of Tor, although this is slowly dropping over time. They were coughing up 85 per cent of funding in 2015, down to 51 per cent in 2017.
The dark side
Since going public, the anonymous nature of the dark web has seen it become a place hosting large-scale, complex and anonymous platforms and services used to facilitate the trafficking of drugs and firearms, child sexual abuse, extremist content and the sale of stolen identification documents. If you've ever had an alert that your password was found in a breach, it is probably for sale on the dark web.
Silk Road was the most well-known dark web site. The now shut-down marketplace notoriously ran an eBay-style black market. It enabled sellers to sell drugs and contraband, before simply posting them to customers through the ordinary post. Sales were undertaken with the Bitcoin cryptocurrency which added an extra layer of anonymity. An Australian drug dealer became the first person convicted for buying and importing drugs on Silk Road when customs intercepted packages from the Netherlands and Germany.
As a safe haven for organised criminals, who can use the encrypted platform to evade surveillance, it poses a continuing challenge for law enforcement to track. Last year, the parliament provided increased powers to police and security agencies to monitor the dark web, including allowing them to pose as users, upload what looks like criminal activity and track down those who attempt to access it.
In a submission to a parliamentary committee reviewing the bill last year, the Australian Federal Police said its Counter Child Exploitation Centre found a 163 per cent increase in child abuse material downloaded on the dark web comparing the same three-month period in 2019 and 2020.
IN OTHER NEWS
It's not all so dark
While focus usually highlights these more nefarious activities, the Dark Web holds a legitimate role in the areas of access and privacy. Digital activists have long hailed it as an example of how to build a 'better internet' where privacy is the default, away from the data harvesting of 'surveillance capitalism'.
Some of the world's news services have already set up 'mirror' sites on the dark web, including ProPublica and the New York Times in the U.S. and the BBC in the UK. The BBC reaffirmed the aims of their dark web site when announcing they would offer news in Russian and Ukrainian a the start of Russia's invasion of Ukraine.
On launching their Tor service, the New York Times gave the reasoning of "some readers choose to use Tor to access our journalism because they're technically blocked from accessing our website; or because they worry about local network monitoring, or because they care about online privacy; or simply because that is the method that they prefer".
An expanding number of media also use Tor to receive sensitive information from protected sources and whistleblowers in a 'Secure Drop'. It was on the Dark Web where whistleblower Edward Snowden released classified information which exposed the United States Governments spying on its own citizens.
But it's not just news media, Facebook launched a Tor site in 2014 as an "experiment". In March this year, Twitter joined them in direct response to the Russian invasion and censorship of Russian citizens accessing western social media and non-Kremlin-approved news sources.
As more countries restrict the internet access of their populations, blocking information and the means for private communication, the dark web is becoming a place to fill the gaps.
While some dark web chat rooms contain the worst of humanity, they are also becoming a place to organise for the best of it. It is connecting families beyond restricted borders, organising resistance and more importantly, letting people under the thumb of authoritarianism stay connected to the dream of freedom.
Google Trends data shows the top four countries searching how to access the dark web this year were China, Russia, Ethiopia and Iran.
Google Trends data shows the top four countries searching how to access the dark web this year were China, Russia, Ethiopia and Iran. According to metrics from the TorProject, users accessing tor sites in Iran rose by over 60,000 since women started fiercely protesting following the death of 22-year-old Mahsa Amini.
So what can we do?
Like all aspects of society, both online and offline, there are positives and negatives. From Facebook groups to text messages, skate parks to nightclubs, there is always the risk of something dodgy going on. But if we focus on the negative we can miss the value and good they can carry. We shouldn't be afraid but we should stay aware, working to keep our information safe and secure. We should also, as users, demand to be included in the conversation of what kind of internet we want to see.
While you may not be jumping on the dark web, here are ways to ensure your information doesn't land on the wrong side of it:
- Keep your device software up to date. Software updates often contain security upgrades which fix any weakness found in operating systems. It is preferable to have automatic updates turned on for your device so you are always on the latest version.
- Turn on multi-factor authentication on your social media, banking and email accounts. This will mean you will receive a code by SMS or email to access your accounts. It adds a layer of protection to your information if cybercriminals attempt to log into your accounts.
- Create strong passphrases instead of passwords. It may be easy for a cybercriminal to guess a word, if you use four or more random words, it makes it much harder. An example is 'crystal onion clay pretzel'.
- Watch out for scams. Don't click on links in emails or SMS, or give personal information over the phone before assessing if they are legitimate.
You can find the full list of tips and advice at cyber.gov.au.