surface web

The Dark Web, Deep Web, and Surface Web: Understanding the Difference

Over the past several years, cybersecurity awareness has become much more prevalent in mainstream media, and for a good reason. The uptick in stories about the latest data breaches and rampant identity theft has brought about the use of terminology that was not well-known to the general public but commonly used throughout the infosec (Information Security) community. 

To the uninformed ear, these cybersecurity terms can be confusing and sound intimidating as they are commonly used as a scare tactic to sell you a product or service. While these products and services are valuable assets to leverage, it is essential to understand precisely what these terms mean, so you can make an informed decision on the services you need to protect your organization. In this article, I want to demystify a common cybersecurity term “the Dark Web” by discussing what makes the Dark Web different from the Deep Web and Surface Web. I’ll also share what you need to do to protect yourself and your data.

How Search Engines Work

Before we talk about the Dark Web, Deep Web and Surface Web, it is important to understand search engines and how they work. For those born before 2000, navigating the internet was a bit different. Google was just starting out, and Bing hadn’t even been invented yet. While there were other search engines available, they weren’t as well-known or as useful as the ones available today. If you wanted to find something on the internet, you needed a direct link to get there, as you couldn’t just search for a topic and have a list of relevant websites show up in your browser. Sounds cumbersome, right? Well, luckily for us, Google thought the same thing and acted by creating their search engine.

Crawling and Indexing Explained

There are two terms you should be aware of regarding search engines: crawling and indexing. Without getting too in-depth, crawling is the process of scouring the web in order to upload discovered websites to an ever-growing list in a database. This process is usually programmed so that newly created websites are automatically found and added to the database. Indexing, in its basic form, is just organization. The websites in the database are reviewed and organized based on different parameters such as keywords, topics, malicious vs. non-malicious, and many others. Crawling and indexing are the core features that allow search engines to work the way they do.

If you’re a bit confused, think of it like a library. A library crawls the world to purchase books worth adding to their shelves (the database). The books are then organized (indexed) based on genre. You then query the librarian (the search engine) for the type of book you are looking for, and they know exactly where to find it.

The Difference Between the Surface Web, Dark Web, and Deep Web

Now that you understand how search engines work, let’s decipher the terminology behind the Surface Web, Dark Web and Deep Web. We’ll start with the one that everyone is familiar with, the Surface Web, otherwise known as the Open Web.

The Surface Web

The surface web is what most people use daily. It consists of publicly available websites that a search engine has indexed. You are already familiar with how it works. You enter a keyword into Google, and all of the websites related to that topic will show up. You choose a website to visit, and the data on that website will be made available to peruse at your leisure. It’s as simple as that.

The Deep Web

The Deep Web is a little different because search engines do not index websites associated with it. This is important to understand before we can explain the Dark Web. Surprisingly, most websites available on the internet today are actually a part of the Deep Web, so you’re more than likely navigating to these resources daily. Since you can’t find these websites by searching for them, how exactly do you find them? A lot of the Deep Web consists of private databases and internal networks that require specific permissions to access. You are either invited to create an account for the website or utilize proprietary software that connects directly to the resource.

Some examples of this would be checking your bank account online. While you can search for Bank of America and access their public site, you can’t directly search for your bank account, right? Therefore, when you go to Bank of America’s website, you must click on a separate link to log in and enter your credentials to access your account. You have now moved from the Surface Web to the Deep Web as your account is a part of their internal database, which cannot be found by searching on Google. Another example would be accessing email through the Outlook application or web interface. You can navigate to the Outlook website directly or install the desktop client, which is publicly available to anyone who wants to download it. But, to gain access to your account, you must enter your username and password, which transfers you directly to a Deep Web resource as your data is not accessible directly through a Google search.

The Dark Web

Last is the infamous Dark Web. The Dark Web is actually a part of the Deep Web as a whole because it consists entirely of unindexed content. However, there are significant differences between the Dark Web and the Deep Web. The differences have to do with how the Deep Web and Dark Web are accessed, the anonymity of network traffic while browsing, and the types of data/activities they are commonly used for. To access the Dark Web, you need a particular browser that is developed specifically to talk to the servers hosting Dark Web content and link all of those services together through a proxy. The most common browser in today’s world is called TOR (The Onion Router) which was developed by the United States Navy to protect state intelligence. These browsers are designed to encrypt all traffic for privacy reasons, which is why many threat actors look to this type of web navigation to carry out illegal activities.

So, what types of things can you find on the Dark Web? Unfortunately, there are many distasteful themes, but for the purpose of helping you understand how to protect your data, I want to focus on the stolen credentials that are available for sale on the Dark Web. There are specific forums for the sole purpose of making money off of your stolen data. From usernames and passwords to credit cards and social security numbers, it all has a price, and people are willing to pay.

Protecting Your Data from the Dark Web

So, how do we stop your data from being sold on the Dark Web? Unfortunately, unless you work for a government agency with authority to decommission the websites hosting these forums, there isn’t much you can do to stop this data from being sold. Most people who aren’t in the infosec community won’t even be aware that their data is compromised.

That’s why you need to take a preventative approach. Awareness is key. That’s where Dark Web monitoring solutions come in. These solutions are designed to monitor the Dark Web and alert you to compromised credentials and stolen data. Knowing which credentials are compromised enables you to get ahead of the problem and take the appropriate action(s) to mitigate the risk.

Using identity theft protection through a third-party or your bank of choice can also play a huge role in keeping your identity safe. As I said earlier, awareness is key. Understanding what and, more importantly, how the data was compromised is critical for developing processes to prevent it in the future.

Kite Technology Can Help

At Kite Technology, we take a security-first approach in everything we do. As one of few Managed IT Service Providers in the country with the CompTIA Security Trustmark+ certification, KiteTech demonstrates our commitment to following security best practices and adhering to industry-recognized security standards and measures.

Our clients can focus on their business with peace of mind–knowing that we employ industry best practices and tools to keep their business systems and data safe and secure. To learn more about KiteTech’s Managed IT and Security Services, please reach out to schedule a conversation. We’d love the opportunity to talk with you and learn how we can help you protect your organization.

Picture of Dillon Fornaro

Dillon Fornaro

Security Engineer
Kite Technology Group

adam atwell

Adam Atwell

Cloud solutions architect

Adam is passionate about consulting with organizations across the country to help them develop and execute a cloud adoption strategy that meets their business needs and future objectives. Adam oversees and manages our company strategy for Microsoft 365 adoption and is responsible for future growth and development inside Microsoft 365 and other cloud technologies.