The dark web offers crucial information hidden from the surface. Learn how to investigate safely and improve your research.
Many individuals and organizations often make the assumption that open-source intelligence begins and ends with the surface web research. While it can be extremely important to your online investigation, only utilizing surface-level results limits the potential of your research.
Although a wealth of information can lie on the surface, there is much to be found in a hidden area of the internet called the dark web. Only accessible through specialized software, dark web sites are hidden from the rest of the internet making for a secretive digital environment with lots of activity varying in legitimacy.
Many believe that the dark web is only used for criminal activity, however, it has legitimate uses as well. In countries with heavy censorship laws, the dark web is used for sharing and disseminating information. It can also be used for privacy protection and anonymity due to its layered encryption. Popularized by media, the most well-known use of the dark web is for criminal activity including marketplaces to sell drugs, stolen identities, weapons and malware, as well as forums to exchange info about illegal activities, hacking tools and more.
If you are investigating any of these activities, you could be leaving information on the table by not researching on the dark web. But before you jump right into this unpredictable digital environment, you need to understand the fundamentals of how Tor works, how to best access Tor and precautions to take to mitigate and limit risk.
See the 10-minute training video, Introduction to Tor and its value to online research
So, what is Tor?
The most commonly used darknet service is Tor (pronounced /tôr/). It stands for The Onion Router, developed by the U.S. Naval Research Laboratory in 2002. It was created to provide layers of encryption (hence the reference to onions and the use of .onion domain name extension) in order to anonymize communication between intelligence professionals.
By diverting traffic through multiple nodes on its way to the client, the originator of files and sites can be hidden, making them more difficult to trace. The multi-layered encryption gives anonymity to its users and service providers alike. However, like any browser, there are still ways to track activity and malware risks that come along with logging on.
In Tor, the biggest weakness is the point information travels between the exit node and the destination site. This unencrypted area presents a vulnerability to users.
While anyone can download Tor to access the dark web, professionals conducting sensitive online research should access and use it in line with their organization’s policies. If dark web access is approved, the speed, security and anonymity of that access depends on the way access is delivered.
How to access Tor
There a two main approaches to accessing the dark web through the Tor browser:
The self-managed approach involves a stand-alone computer that connects to a VPN and then goes through the Tor browser to access the dark web.
With this DIY approach, there are several responsibilities from both an IT and researcher perspective to ensure security is maintained and activity isn’t attributed to the organization or individual. This approach will require the purchasing of separate computers and the development of network infrastructure from IT, as well as the maintenance of this setup in line with changes in technology, threats and “popped” machines (due to security or attribution risks). From the researcher's side, the self-managed setup necessitates self-auditing and monitoring of the research and activity being conducted, as well as maintainevidentiary compliance requirements.
The responsibilities of IT and researchers for a self-managed setup can become a major headache due to time consumption, resource intensiveness and growing expenses. However, those aren’t the only disadvantages of this approach. While Tor is mostly secure, attribution and IP address geolocation can still take place possibly compromising your investigation, network and device. There is also a strong possibility of executable code on your endpoint along with many other software vulnerabilities. Lastly, much of the content on the dark web is not traditionally accessed making it likely that your organization could have that content blocked limiting your research results.
While the self-managed setup presents many challenges and extra responsibilities, you might be thinking that investigating on the dark web through Tor isn’t worth the hassle. However, there is a much simpler, innovative and research-centric solution to access the dark web.
Purpose-built research platform
Silo for Research, a cloud-based online research platform, can be used on a regular work computer and connects through the Tor browser to safely access the dark web.
With Silo for Research, IT and researchers can offload nearly all of the responsibilities of the DIY approach to a SaaS solution. All that is required of IT is to deploy Silo for and to implement and manage policies through the platform’s admin console. From a researcher's perspective, the only responsibility is to do what you intended, to research.
Silo for Research is a cost-effective web isolation solution with security, anonymity and audit and compliance tools baked into the browser to allow for one-click access to Tor. Built with research at the focus, the all-in-one solution also includes built-in collection and analysis tools that assist with automation. Silo also includes secure, cloud-based storage and sharing functions allowing researchers to share the information and data they collect without having to compromise their security.
As a researcher, you should be focusing on one thing only — conducting your research. You shouldn’t have to leave information on the table because you are unable or ill-equipped to access the dark web. But you also shouldn’t risk compromising your investigation, yourself or organization by trying to self-manage. With Silo for Research, you can access and investigate the dark web confidently without compromising productivity or security.