The Deep Web Nicholas A. Davis, CISA, CISSP November 30, 2018

Size: px

Start display at page:

Download "The Deep Web Nicholas A. Davis, CISA, CISSP November 30, 2018"

Emma Walton
5 years ago
Views:

1 The Deep Web Nicholas A. Davis, CISA, CISSP November 30, 2018

2 Session Overview Introduction Warning Definitions and background How content is accessed DNS, the phonebook of the Internet Academic, and not so academic Deep Web search engines Tools of the Deep Web trade Sample Deep Web searches Ashley Madison case study, examining the implications of knowing too much Think about the potential ramifications of accessing the Deep Web Performing safe Deep Web searches Final thoughts, Question and answer session

3 Introduction and Warning The Deep Web / Dark Web can be an unpleasant place Accessing it poses several risks: Emotionally troubling content Illicit content Deceptive content Malware, which could infect your IT assets Everyone leaves a digital footprint

4 Some Definitions Deep Web, Deep Net, Invisible Web, or Hidden Web is not part of the Surface Web (that which is normally accessed). Do not confuse it with the Dark Internet, which refers to computers which can no longer be reached over the Internet Some people think that the Deep Web is a haven for serious criminality, and I agree with them

5 Normal Web Search vs. Deep Web Search Searching on the Internet today, can be compared to dragging a net across the surface of the ocean: a great deal may be caught in the net, but there is a wealth of information that is deep and therefore missed

6 Deep Web Size It is impossible to measure or put estimates onto the size of the deep web because the majority of the information is hidden or locked inside databases. Some estimates suggest that the deep web is 4,000 to 5,000 times larger than the surface web

7 Deep Web Resources Dynamic Content Dynamic pages which are returned in response to a submitted query or accessed only through a form, especially if open-domain input elements (such as text fields) are used; such fields are hard to navigate without domain knowledge.

8 Deep Web Resources Unlinked Content Unlinked content: pages which are not linked to by other pages, which may prevent Web crawling programs from accessing the content. This content is referred to as pages without backlinks (or inlinks).

9 Deep Web Resources Private Web Private Websites that require registration and login (password-protected resources).

10 Deep Web Resources Contextual Web Contextual Web: pages with content varying for different access contexts (e.g., ranges of client IP addresses or previous navigation sequence).

11 Deep Web Resources Limited Access Content Limited access content: sites that limit access to their pages in a technical way (e.g., using the Robots Exclusion Standard or CAPTCHAs, or no-store directive which prohibit search engines from browsing them and creating cached copies

12 Robots.txt File Explained Discourages Search Engine Spiders

13 Deep Web Resources Non HTML Content Images or other file formats not handled by search engines, due to use of steganography.

address, regardless of whether or not it has been indexed.

14 Accessing the Deep Web Without DNS While it is not always possible to discover a specific web server's external IP address, theoretically almost any site can be accessed via its IP address, regardless of whether or not it has been indexed. Domain Name Servers (DNS) are the Internet's equivalent of a phone book cnn.com, wisc.edu or milwbar.org are all DNS entries

16 Accessing the Deep Web Certain content is intentionally hidden from the regular internet, accessible only with special software, such as Tor. Tor allows users to access websites using the.onion host suffix anonymously, hiding their IP address. Other such software includes I2P and Freenet.

The Onion Router (Tor) Tool For the Deep Web Tor is software that installs into your browser and sets up the specific connections you need to access dark Web sites.

17 The Onion Router (Tor) Tool For the Deep Web Tor is software that installs into your browser and sets up the specific connections you need to access dark Web sites. Tor is an encrypted technology that helps people maintain anonymity online. It does this in part by routing connections through servers around the world, making them much harder to track.

18 Who Invented Tor? Oddly enough, Tor is the result of research done by the U.S. Naval Research Laboratory, which created Tor for political dissidents and whistleblowers, allowing them to communicate without fear of reprisal.

19 Tor Client Available For Download

20 Accessing the Deep Web Tor2web

21 What Deep Web Links Look Like Deep Web links appear as a random string of letters followed by the.onion TLD. For example, followed by.onion, links to TORCH, the Tor search engine web page.

22 Deep Web Search Engines

23 By Definition, These Are All Deep Web search sites

24 In mid-2014, a hacker created Grams, the Dark Web s first distributed search engine. Grams allows would-be criminals to search for drugs, guns, and stolen bank accounts across multiple hidden sites. It even includes an "I m Feeling Lucky" button and targeted ads where drug dealers compete for clicks.

25 Grams Sample Search Crunchy Dutch Moonrocks

26 Tools of the Trade

Liberty Reserve provide a convenient system for users to

27 Things That Make the Deep Web Work Cryptocurrency Digital cash, such as bitcoin and darkcoin, and the payment system Liberty Reserve provide a convenient system for users to spend money online while keeping their real-world identities hidden.

Things That Make the Deep Web Work Bulletproof Web-hosting Services Some Web hosts in places such as Russia or Ukraine welcome all content, make no

28 Things That Make the Deep Web Work Bulletproof Web-hosting Services Some Web hosts in places such as Russia or Ukraine welcome all content, make no attempts to learn their customers true identities, accept anonymous payments in bitcoin, and routinely ignore subpoena requests from law enforcement.

Things That Make the Deep Web Work Cloud Computing By hosting their criminal malware with reputable firms, hackers are much less likely to see their traffic

29 Things That Make the Deep Web Work Cloud Computing By hosting their criminal malware with reputable firms, hackers are much less likely to see their traffic blocked by security systems. A recent study suggested that 16 percent of the world s malware and cyberattack distribution channels originated in the Amazon Cloud.

Things That Make the Deep Web Work Crimeware Less skilled criminals can buy all the tools they need to identify system vulnerabilities, commit

30 Things That Make the Deep Web Work Crimeware Less skilled criminals can buy all the tools they need to identify system vulnerabilities, commit identity theft, compromise servers, and steal data. It was a hacker with just such a tool kit who invaded Target s point-ofsale system in 2013.

31 Things That Make the Deep Web Work Hackers For Hire Organized cybercrime syndicates outsource hackers-for-hire. The Hidden Lynx group boasts up to 100 professional cyberthieves, some of whom are known to have penetrated systems at Google, Adobe, and Lockheed Martin.

32 Things That Make the Deep Web Work Multilingual Crime Call Centers Employees will play any duplicitous role you would like, such as providing job and educational references, initiating wire transfers, and hacking accounts. Calls cost around $10.

33 Be Careful of What You Search For, You Might Just Find It

34 Deep Web Dangerous Web

35 Deep Web Dangerous Web

36 Deep Web Dangerous Web

37 Deep Web Dangerous Web

38 Deep Web Dangerous Web

39 Deep Web Dangerous Web

40 Deep Web Dangerous Web

41 Deep Web Dangerous Web

42 Deep Web Dangerous Web

43 Deep Web Dangerous Web

44 Information Useful to Legal Professionals The Ashley Madison Customer List

45 Beware of Honeypots Deceptive Traps

46 Think About It Consider the source of the data. Is it trustworthy, or not? Is the data stolen? What liability do you expose yourself to by using it? Once you know something, are you ethically compelled to say something, do something, alert authorities?

47 Think About It What information are you exposing about yourself when you use the Dark Web? IP address, type of computer, day and time of visit, what you looked at, downloaded? Did you infect your machine with malware while you were on the Dark Web? Did you just break the law, because you were curious? Think of your professional image and potential damage to your integrity

49 Deep Web Advice Don t be ignorant of the data you expose. For example, what do you know about EXIF data?

50 Lawyers Are Often Targets on the Deep Web Perhaps your personal information, s, login credentials, etc, are out for sale on the Deep Web TOR, I2P, FreeNet, and DN42 are all tools that can be used to search for information about people If you must go to creepy parts of the Dark Web, do so with extreme caution: Don t do it at work-----without EXCEPTION Don t do it on any computer you own which contains personal data of any type Don t do it on a public kiosk, where you could be held responsible for damage Best idea is to contact a Deep Web specialist, and work with them, instead of doing it yourself

51 Generally Accepted as Safe Deep Web Search Resources For academic research, well-regarded subject directories that canvass the deep Web include the Librarians' Internet Index and Infomine. General deep Web search engines include Incywincy and OAlster. For in-depth deep Web searching, consider meta-search engines such as SurfWax and Copernic Agent.

Another Legitimate and Fairly Safe Technique If you wish to locate other deep Web search engines, type your key words in a general search engine such as Google, followed by "database.

52 Another Legitimate and Fairly Safe Technique If you wish to locate other deep Web search engines, type your key words in a general search engine such as Google, followed by "database." For instance, if "'air pollution' and database" is entered into Google, you will retrieve the Environmental Protection Agency's AirData web site, which provides "access to air pollution data for the entire United States."

53 Deep Web Advice Be careful who you become friends-----and enemies with

54 The First Question On Your Mind

55 Final Thought

56 Questions, Comments, Discussion Nicholas A. Davis Chief Information Security Officer (CISO) University of Wisconsin System Always available for questions, conversation and the sharing of ideas Tel (mobile)

Dark Web. Ronald Bishof, MS Cybersecurity. This Photo by Unknown Author is licensed under CC BY-SA

Dark Web. Ronald Bishof, MS Cybersecurity. This Photo by Unknown Author is licensed under CC BY-SA Dark Web Ronald Bishof, MS Cybersecurity This Photo by Unknown Author is licensed under CC BY-SA Surface, Deep Web and Dark Web Differences of the Surface Web, Deep Web and Dark Web Surface Web - Web