Deep and Dark Web Monitoring

Deep and Dark Web Monitoring
Photo by Alexander Hafemann / Unsplash

When it comes to little boogeyman terms online we often hear about the deep web or the dark web. These terms are often interchanged, and that's alright when trying to simply things. However, one most note that over-simplification is akin to saying that a thunderstorm and a deluge are both wet, correct and not accurate.

For a better defined delineation between the two, there's a good referenced over at Wikipedia.

In essence, the deep web was coined in 2001 to describe the non-indexed part parts of the Internet in the context of web searches and open accessibility. These websites are still reachable via direct URL or an IP address but, just like an outdated phone directory, would be unlisted and known only to a select few – and even then require some sort of proof of right to access. With that high level definition the deep web, thus, includes most web sites and services that require a password for entry of some sort or a paywall.

Sometime in 2009 saw the coinage of the dark web to describe private pockets of the deep web that was either obfuscated or encrypted (or both) and required a specific sort of application to access. While the backend infrastructure remained the same, other activities were then possible hidden from the watchful eye of casual observers. There are very legitimate ways to use the dark web such as by journalists to communicate with their source, but by and large cybercriminals have taken notice and like any agnostic tool, used it to their advantage.

Do you need to monitor the deep or dark web?

It might come as a surprise that this service has been around for some time. In fact there are several commercial and end-user versions of this service but only recently have they included the terms deep or dark web in their verbiage.

These days if you do any type of online banking you'll often come across services like "Identity Monitoring", where you get a regular report if your social security number, credit card information, or some other financial detail was reported in some form of data breach or being sold in the (criminal digital) underground (another term for the dark web). Lifelock is/was famous for its antics as well as all its TV promotions.

On the commercial side of the spectrum there are terms such as "Brand Monitoring", where online presence is checked against scam and phishing sites that lure victims using domain typo-squatting or other techniques. Other services may include checking against compromised servers that for some reason may have not been updated or more often misconfigured such that customer data was being exposed publicly. Perhaps even as bad, particularly for startups, would be intellectual property theft or exposure of other sensitive data that could have the potential of sinking a business.

What then is the purpose of monitoring for my own data?

(to be continued)