It’s estimated the “Surface Web”—websites and data visible to everyone—represents less than five percent of the total information and locations on the internet. Beneath the surface lies the Deep Web—also known as the Hidden, Invisible and Dark Web.  In this article, we’ll shine light on the dark web—what it is, how it’s accessed, and what types of information end up there.
What is the “Dark Web”?
“Dark Web” may sound like the ominous abode of the Sith lord, but really, it’s just part of the internet where users are anonymous and information and activity is mostly unregulated.
The dark web was originally created by the U.S. Naval Research Laboratory, and a lot of what takes place there isn’t criminal. For example, the dark web is also home to journalists, human rights activists, and whistleblowers who want to pass information securely and safely.
The anonymity also draws criminals and illegal activity. On the dark web, hackers and cyber criminals trade in identity information, stolen accounts, and how-to guides for profiting from fraud. You don’t want your personal or business data to end up in the wrong hands, but there are easy steps you can take to avoid that situation.
How is the Dark Web accessed?
Pages in the dark web are not indexed by Google, Bing, Yahoo and other popular search engines used on the Surface Web. You can’t reach dark web locations using a standard browser like Chrome, Safari or Firefox. Instead, Deep Web explorers use the TOR browser, which stands for The Onion Router. Today, more than 65,000 unique ‘.onion’ URLs can be found on the Tor network, and about half are estimated to be involved in criminal activity. The rest serve legitimate purposes such as chat room communications, marketplaces, and file servers.
What business and personal information is for sale on the Dark Web?
Many unsavory products are sold on the dark web. Here are some of the kinds of business and personal information transacted online by cybercriminals and identity thieves.
- Fake and “Genuine” identities: Criminals sell fake ID documents (think underage access to a bar) as well as identities of real people (to assume a new identity or pull off fraud).
- User logins for financial accounts: Just $70.91 can purchase access to a bank account. Thieves can try to transfer money out of a bank, charge up credit cards, take out a loan, or perform an account takeover.
- Medical records: Millions of medical files are for sale and cybercriminals love them for their large amount and quality of identity information.
- Business network credentials: You don’t have to be hacker to break into a corporate network. And with employees working at home during the pandemic, there were 69% more postings selling corporate network access logins during Q1 2020.
- Accounting department email addresses: These are valuable to cybercriminals for phishing campaigns because they are the personnel dealing with money in a company.
How to keep the Dark Web out of your life
If you’re taking steps to guard the security of your business and personal data, you don’t need to worry about the dark web. For individuals, these steps include being careful with passwords, using two-factor authentication, and using an identity monitoring service with dark web monitoring. Businesses should also conduct anti-phishing training for employees, deploy network protection and cybersecurity solutions, and carry cyber insurance with breach resolution.
To learn more about digital defense tools individuals can use to protect their personal information, contact your local Rural Mutual Insurance Agent.
 International Monetary Fund, “The Truth about the Dark Web,” F&D magazine, September 2019
 Irish Tech News, “Your Entire Online Identity Could Be Worth Less than €900 On Dark Web, New Report Reveals,” February 23, 2019.
 CBS This Morning, “Hackers are stealing millions of medical records – and selling them on the dark web,” February 14, 2019.
 Positive Technologies, “Access for sale,” May 20, 2020.
 Digital Shadows