Exploring the Surface, Deep, and Dark Web
Key Points
- The “surface web,” which is indexed by search engines, represents only about 5% of the entire web, while roughly 95% remains unindexed.
- The vast unindexed portion is split into the **Deep Web** (mostly private, password‑protected content like medical, legal, and forum data) and the **Dark Web** (intentionally hidden networks inaccessible via standard browsers).
- The Dark Web provides anonymity for whistleblowers, journalists, and political activists who need to share information safely in repressive regimes.
- It also hosts illicit marketplaces where illegal goods—such as drugs, weapons, and stolen data—are bought and sold.
- Hacker communities use the Dark Web to trade exploits, malware, and hacking tools, making it a hub for both legitimate privacy‑seeking activity and criminal enterprises.
Sections
- Untitled Section
- Tor and Dark Web Risks - The speaker explains how stolen credentials circulate on the dark web, emphasizes the need for anonymity via Tor, outlines its origins and operation, and warns about the dangers of entering that environment.
- Tor Usage Risks and Mitigations - The speaker outlines disadvantages of using Tor—including encryption overhead, possible compromised nodes, and exposure to malware and phishing—and advises employing a security sandbox to protect the system.
- Leveraging Dark Web Insights Safely - IBM X‑Force monitors the Dark Web for emerging attack trends and shares actionable intelligence with users, allowing them to stay protected without accessing the Dark Web themselves.
Full Transcript
# Exploring the Surface, Deep, and Dark Web **Source:** [https://www.youtube.com/watch?v=N3-zrhoBx6w](https://www.youtube.com/watch?v=N3-zrhoBx6w) **Duration:** 00:09:46 ## Summary - The “surface web,” which is indexed by search engines, represents only about 5% of the entire web, while roughly 95% remains unindexed. - The vast unindexed portion is split into the **Deep Web** (mostly private, password‑protected content like medical, legal, and forum data) and the **Dark Web** (intentionally hidden networks inaccessible via standard browsers). - The Dark Web provides anonymity for whistleblowers, journalists, and political activists who need to share information safely in repressive regimes. - It also hosts illicit marketplaces where illegal goods—such as drugs, weapons, and stolen data—are bought and sold. - Hacker communities use the Dark Web to trade exploits, malware, and hacking tools, making it a hub for both legitimate privacy‑seeking activity and criminal enterprises. ## Sections - [00:00:00](https://www.youtube.com/watch?v=N3-zrhoBx6w&t=0s) **Untitled Section** - - [00:03:07](https://www.youtube.com/watch?v=N3-zrhoBx6w&t=187s) **Tor and Dark Web Risks** - The speaker explains how stolen credentials circulate on the dark web, emphasizes the need for anonymity via Tor, outlines its origins and operation, and warns about the dangers of entering that environment. - [00:06:14](https://www.youtube.com/watch?v=N3-zrhoBx6w&t=374s) **Tor Usage Risks and Mitigations** - The speaker outlines disadvantages of using Tor—including encryption overhead, possible compromised nodes, and exposure to malware and phishing—and advises employing a security sandbox to protect the system. - [00:09:18](https://www.youtube.com/watch?v=N3-zrhoBx6w&t=558s) **Leveraging Dark Web Insights Safely** - IBM X‑Force monitors the Dark Web for emerging attack trends and shares actionable intelligence with users, allowing them to stay protected without accessing the Dark Web themselves. ## Full Transcript
You think you know about the World Wide Web?
You think you've seen what's out there?
I'm going to suggest to you you've only seen the tip of the iceberg.
In fact, in this video, we're going to take a look at the rest of the burg
all the way down to the wild, wild West portion of all of this.
This area that we call the Dark Web.
What kind of mysterious things are lurking there?
Let's take a look.
Okay, let's take a look then at the whole iceberg.
So first of all, the part that you're familiar with, that's the indexed portion.
In other words, indexed, meaning you could find it in your favorite search engine.
That's about 5% of the web indexed.
The other 95%.
Is the part that's not indexed.
You won't find it in your favorite search engine.
So what are these components, then?
Well, this first piece is called the Surface Web.
Again, this is where you go to your favorite search engine.
So you can go to Google.
This is where you're going to find your social media sites,
Facebook, Instagram, YouTube, all those kinds of sites, the kinds of things that you're normally used to.
When you think of the web.
It's all of that stuff.
That's the surface web.
Now, the stuff below the surface, what is that?
Well, there's two real components here.
One is called the Deep Web.
And that's what makes up the majority of this 95%.
And it's basically a bunch of things that there's not necessarily a great deal.
Some of it may be sensitive, but in general, it's just that you can't find it.
You don't know where it is.
A lot of times it's password protected content.
So it may be medical documents.
It may be legal documents.
It may be private forums.
It could be a lot of different things like that.
So nothing necessarily nefarious.
It's just not something that's generally meant for the overall public.
And that makes up the majority of the deep web that you just don't see.
But then there's this other part down here.
This is what is known as the Dark Web.
And the Dark Web not only is not indexed, but it has a lot of different kind of content in it.
So, for instance, there are this is a place where it's not easy to discover or even easy to get to necessarily.
We'll talk more about that in just a few minutes.
But on the Dark Web is where you're going to find a hangout for people who are whistleblowers,
people who are reporting information that maybe they need anonymity.
Sometimes journalists will go to the Dark Web in order to make reports.
Because some places there are political activists in parts of the world where free speech is not necessarily appreciated.
So they need some level of anonymity.
And the Dark Web helps preserve some of that anonymity.
Some of the other things that happen, though, on the other side of this are there are marketplaces,
Dark Web marketplaces where different types of contraband may be sold, could be illegal drugs or other things like that.
Also, hackers like to hang out in places like this, and they will exchange hacks.
They'll exchange exploits, malware, credentials, stolen credentials.
In fact, we found this in the recent X-Force Cloud Threat Landscape report
where we tracked the cost of those stolen credentials.
Basically, user ID and password on the Dark Web.
And this is another use of this area where, again, anonymity is what is prized.
Okay.
If you're going to want to go to this dark section of the Internet, you're going to need to be careful.
You're going to want anonymity and you're going to want security.
By the way, for the record, I recommend you don't go there.
It's a bad neighborhood.
So there's a lot of risks that are involved with it.
But the people who do this is how they do it.
They use something called the Tor, The Onion Router.
And The Onion Router is something that was an open source project
that was originally designed to be a decentralized way of preserving anonymity
and getting from one point to another without all the points in the middle knowing how you got there
and certainly the points at the end not knowing that.
It's basically created by a volunteer army of a lot of people who offer up their nodes, their systems
that are going to be part of this router and with a lot of different layers.
That's why we call it Tor, because it's an onion with you.
Peel back the layers.
We'll take a look at an example of how this thing works.
It actually started from the US Department of Defense back in 1995
and then ultimately was taken over by the Electronic Frontier Foundation.
And as a way of preserving privacy.
Now let's see, how does this thing work?
Well, if you were going to to do this, here's a user and here is a system that they want to get to.
There are different nodes that are involved in a Tor system.
So we have entry nodes, we have middle nodes, and we have end nodes, exit nodes.
So if this guy wants to go from here to here, how does he do it anonymously?
Well, he first of all, installs the Tor software.
There's a browser that they use.
He's going to install that and it's going to automatically contact a directory.
The directory knows the address of lots of other Tor nodes.
It's going to tell him if you want to go to somewhere, here's the address I want you to use
and it's going to point him to this as his entry node.
So there's going to be an encrypted session between his browser and this first Tor entry node.
This then will route to some other Tor node and middle node,
which then will route it to another node, which will be the exit node.
And it's called an exit node because when it comes out of this end, well, it's not protected.
In fact, it's in the clear.
That's actually one of the one of the risks that goes along with this.
A lot of people think they have end to end anonymity, and that's not true.
Once the traffic leaves the Tor network, then it's not protected anymore.
So what are the pros and cons of this?
Well, the pros are you get some level of anonymity in all of this, and that's important if that's what you're trying to get.
What are the cons?
Well, look at all I have to do.
I have to encrypt and decrypt, encrypt and decrypt, encrypt and decrypt and so forth.
That slows things down.
So that's going to be a disadvantage.
There's also no guarantee that when you get from here to here, that there won't have been a compromised node,
or again, that this gap might not have exposed you.
Also, there are other things to consider that that where you're going is a dangerous place.
And because it's a dangerous place, you may run into malware
that you get downloaded to your system without your knowledge.
There may be phishing attacks.
There may be network based attacks.
There's a lot of things that can happen.
Again, you're going into a rough neighborhood.
So be really careful and maybe you don't go there at all.
You just want to learn what this is about.
That's a good idea, too.
But if you're going certainly you're going to start with some technologies like I talked about.
You're going to want Tor because that's how you're going to be able to get to these non indexed places in the first place.
You're going to need some other things.
Maybe a sandbox.
A security sandbox.
What's that?
Well, it means if you were to get to one of these sites and it automatically downloaded malware onto your system,
if the Tor browser was running in a sandbox, then it's running on a specially protected portion of your system.
It will not then be able to the malware get out of that sandbox and infect the rest of your system.
So that's another protection that you can use.
You may also want to double up and use a virtual private network that carries your traffic in the end.
And with that, you would get more protection.
You're encrypting your information from one node to the next.
But this would be more of an end to end type of connection.
So where you can find uses for that, you might basically get kind of what we refer to as belt and suspenders.
That way, if one fails, the other will keep your pants up.
And then you want to use a firewall on your system
so that you can see what traffic is leaving your system and make sure that it's only
the things you want. And that traffic coming into your system is only from places that you expect it to be.
There may be a lot of other things you may also want to consider to add to your security stack.
Because, again, if you're going into a dangerous place, you want to be very well-protected.
Hopefully this video is demystified.
This thing we call the Dark Web may have shining some light on this subject
that otherwise you don't see because you're living up in this portion of the Internet.
Well, the Dark Web, again, is a place where there can be good things that happen.
There can be bad things that happen.
It's a dual use technology.
So it depends on how it's being used.
As to whether it's a good thing or a bad thing.
But it's definitely a thing and it's a thing that's not for the technologically faint of heart.
You need a lot of understanding about where you're going because there are a lot of risks that go along with it.
One of those lists, risk might even be a legal risk.
In certain countries, it's illegal to access certain parts of the Dark Web.
So be very careful with that.
But the good news is you don't have to go to the Dark Web in order to benefit from the learnings that can come out of that.
IBM's X-Force researchers regularly stay and monitor the Dark Web.
And they're looking for what are the attack trends so that we can pass that information on to you.
And you can stay safe.
If you like this video and want to see more like it, please like and subscribe.
If you have any questions or want to share your thoughts about this topic, please leave a comment below.