Resources

Dark Web vs Deep Web – What’s the difference?

Written by Elliot Wilkie | Nov 29, 2022 10:09:58 AM

Let's be honest: we see articles and news publications referring to both the "dark web" and the "deep web" on a regular basis, and I'm sure many of us haven't even considered these as distinct entities.  So, let's dig a little deeper into both.

Deep Web

What we see on a daily basis is what is known as the "clear web", which is made up of indexed websites. In other words, this is a section of the internet where websites can be found using search engines (Google, Bing, DuckDuckGo etc). The deep web, on the other hand, is not searchable and accounts for an estimated 90% of the internet. Sounds scary, right? Well there's no need for concern. Non-indexed pages are often web pages that organisations do not want you to see from a search engine, such as database query results, subscription only pages, pages hidden behind Captcha technology, and so on. These web pages usually contain nothing malicious.

Dark Web

While dark web pages are not indexed, the Deep Web and Dark Web share no other similarities. Even standard web browsers are unable to access the dark web (Chrome, Edge, Firefox). This is where Tor comes into play.  Its main purpose is to provide anonymity online through "onion routing". In short, this provides anonymous browsing through multiple layers of encryption, like an onion. Each dark web page URL ends with ".onion" rather than the usual ".com" or ".co.uk".
The dark web contains exactly the type of content you'd expect, such as pornographic material, discussions about buying and selling drugs and weapons, and forums and dark markets where stolen credentials are traded.

When an organisation is breached, sensitive information such as PDFs and spreadsheets, as well as user credentials, are stolen. These login details are extremely valuable to threat actors because they not only give them access to the service you were using, but they also have access to your password. In 2020, SC Media reported that 93% of home workers reused their passwords.

Where does Trillion fit in?
Trillion, in a nutshell, is a breached account dark web mining service that allows any organisation to identify potential threats on the dark web and provide the tools to combat them. Monitoring web and login traffic, using tools like Captcha, or even penetration testing are frequently insufficient to reduce risk.

With Trillion's visibility, a company can begin to understand their threat landscape and the corrective actions required to render stolen data credentials useless to hackers. Data breaches happen every day, and a simple 'point-in-time' report will not suffice in the long run, which is why Trillion continuously tracks, correlates, and analyses billions of stolen usernames and passwords in search of digital identities. It is critical to have constant visibility of stolen credentials available on the dark web in order to reduce security risk.