Recent events in Kenya has left banks, multinational organizations and even the government aware that cybersecurity should be taken seriously. As is typical with the Kenyan government and other state organizations, they generally deliver results on a knee-jerk principle. The government will respond to acts of terror, attack, and extremism when it is a little bit too late. It is no surprise that the country’s taxman, KRA, was the victim of a modern day heist, which resulted in the loss of about 4 billion Kenyan shillings. Now, I am not saying that KRA had no measures in place to mitigate a hacker attack, but I wouldn’t be surprised if they had flimsy cyber security measures.
Anyway, enough of KRA and its troubles, all I want to talk about today is the dark web. Ever heard of it? Yes? No? How about the deep web? Nothing? Were you to conceive of the Web as a data ocean (which of course it is), most of us are interacting with the Surface Web ( the wavy, transparent, easily navigable section of the spider’s web of information ). The Surface Web is the portion of the Web that has been crawled and indexed (and thus searchable) by standard search engines such as Google or Bing via a regular web browser such as internet explorer or google chrome. However, in the darkness below, beneath the electronic thermocline, is the Deep Web (namesake to Invisible Web or Hidden Web) – the portion of the web that has not been crawled and indexed, and thus is beyond the reach of standard search engines. Research has it that Google – currently the largest search engine – has only indexed 4-16 % of the Surface Web. Surprisingly, the Deep Web is approximately 400-500 times more massive than the Surface Web. It is also estimated that the data stored on just the 60 largest Deep Web sites alone are 40 times larger than the size of the entire Surface Web.
As one side of a coin to the other so is the Deep Web and the Darknet (also termed the Dark Web, Dark Net, or Dark Internet). Originally, the Darknet referred to any or all network hosts that could not be reached by the Internet. However, once users of these network hosts started sharing files (often anonymously) over a distributed network that was not indexed by standard search engines, the Darknet became a key part of the Deep Web. It is non-existent to an individual who does not even know it exists, yet it is growing just as fast as its parent, the deep web.
you might be wondering why many are in for the Deep web or darknet rather than the surface web. well, studies have revealed that the Deep Web actually contains the largest expanding reservoir of fresh information on the Internet. These websites offer protected materials with much deeper content whose overall quality supersedes those of the surface web. Their directory listings are also subject specific, making it even more accessible and relevant to targeted searches. Technology is also at the very core of this growth; ubiquitous computing (the old version of IoT), distributed/cloud computing, mobile computing, and sensor networks, have all contributed to the expansion of the Deep Web. Advances in secure/anonymous web hosting services, cryptocurrency/Dark Wallet, and development of crimeware are further contributing to the growth of the Darknet. A variety of cryptocurrencies such as bitcoin, Darkcoin, and Peercoin have been in use for anonymous business transactions that are conducted within and across most Darknet marketplaces. Hackers for hire and multilingual call centers have also accelerated the growth of Darknet. Of course, there are also plenty of legitimate uses of the Darknet by journalists, political dissidents, whistle-blowers, and human rights advocates. Not to be a surprise, Chelsea (formerly Bradley) Manning, Julian Assange, and the famous Edward Snowden all relied heavily on the Darknet for their cause and activities.
There is, however, a much bigger reason to worry, despite the above praise about the Deep web. A lot goes on in the dark web that is considered illegal (unhealthy to the society). The dark web part of the deep web has succeeded, as limited to the knowledge of the offended, mostly in mirroring the dark side of the society. The above claim is more of a truth in the nude. Shielded from the ‘normal’ web, there are marketplaces where hackers advertise their services, hitmen get hired, fraud and money laundering services are offered, illegal content such as child pornography is sold and much more. these guys too have their own paradise of dwelling in the darknet: drug dealers, hitmen, hoaxers, human traffickers, pimps, identity thieves, leakers, political extremists, vigilantes, terrorists, and spies. it is if not, a home to the good world overturned.
The markets for hacking programs, other cybercrime tools, and stolen data, in particular, have continued to grow with no signs of slowing down. There an urgent need for policymakers and the public to better understand the Deep Web and develop a more comprehensive law enforcement, regulatory, and national security response. This focus needs also to take into account the potential positive uses of the Deep Web. For instance, in 2010 TOR received an award for Projects of Social Benefit from the Free Software Foundation for services it provides to whistleblowers and human rights supporters. The emergence of the Deep Web in general and Darknet in particular, offers a new economic, social, and political ecosystem that was designed to exist – and usually operates – beyond the reach of law, regulation, and government oversight. If policymakers want to understand the Deep Web and Darknet, they will need to give it intentional focus and move beyond usual Internet search methods. we can’t be aiming for a shark in the lake while it dines and dwells comfortably (out of reach) in the oceans.
This makes knowledge of the dark web and how to manoeuvre it a very important part of cyber security. A cyber security professional cannot comfortably say that they are at the very best of their game while they know nothing about the ongoings on the dark web. You cannot say that your systems are completely safe while a certain group is meticulously planning the next attack on your systems. The country’s security organs cannot say that the country is safe while terrorist groups are fundraising, buying illegal arms and even laundering money all on the dark web. Whether we like it or not, acknowledge or ignore it, the dark web is an important part of cybersecurity, and it is high time cyber security professionals in Kenya gave this part of the World Wide Web the attention it deserves, or else there might be more cyberspace heists resulting in the loss of billions of shillings.