What is the darknet?

All hidden online networks and services are subsumed under the term darknet. It is a part of the internet that can only be accessed via special client software and cannot be found using ordinary search engines such as Google, Bing, or DuckDuckGo.

Project your applications with Myra DDoS Protection

At one look

1. A definition of the darknet
2. How does the darknet work?
3. What are the differences between the darknet, deep web, and clearnet?
4. How do you get on the darknet?
5. Who uses the darknet?
6. What you need to know about the darknet

A definition of the darknet

Most users access only a small fraction of all freely available services and networks on the World Wide Web. They are indexed by search engines and are therefore easy for the general public to find – this is known as the clearnet. On the other hand, the deep web comprises web resources that are not readily accessible to everyone. These include back-end systems of websites, portals for online banking, and other services secured by passwords or other means. A separate part of the deep web is the darknet, where users surf around anonymously and in encrypted form. Especially for people living in countries with restricted freedom of information, it offers the possibility to “circumvent” censorship. It must be obvious, however, that its advantages also attract countless criminals of various stripes.

Person working on laptop and typing on keyboard

How does the darknet work?

If you want to explore the deep web, you basically only need to access the right links or know the appropriate credentials. However, if you want to access the darknet, you have to install a special client such as the Tor Browser, which obfuscates access and anonymizes the user. This browser can be used to access conventional websites via nodes that are largely untraceable. The client is also required to access special services on the darknet. In the case of Tor, access to “onion services” is fully encrypted. This means that the user’s identity is better protected when browsing onion services compared to traditional websites, where the final request from the Tor network is made in cleartext. For this reason, various news portals, organizations for human rights, freedom of speech and the press, as well as service providers and email providers concerned with data protection, use their own onion services as a supplement to their traditional websites. However, the special security and anonymity of the Tor network also attract cybercriminals who abuse the technology for illegal activities.

What are the differences between the darknet, deep web, and clearnet?

What exactly are the differences between the darknet, deep web, and clearnet? The iceberg metaphor is a great way to visualize it:

Clear Web:

This is the tip of the iceberg – the part of the internet we use every day. It is sometimes referred to as the surface web, visible web, or clear web.

Deep Web:

This is where, as it were, the user dives deeper and finds the part of the iceberg below the water’s surface. The content available here is only revealed if access protection can be bypassed via a password, etc.

Darknet:

A sub-area of the deep web that cannot be found by your ordinary “John Q. Public” – only those who have special tools can move about here, ensuring the necessary anonymity when surfing. It is impossible to access it without the right software, the appropriate browser setting, and, depending on the service, an invitation from another darknet user.

Discover our tailor-made Security-as-a-Service solutions for IT infrastructures and web applications.

Request a free demo now

How do you get on the darknet?

Navigating the darknet requires the use of special client software. Different technologies are employed depending on the service:

Tor

Onion routing forms the technological basis of the Tor network. Its name comes from the structure of the encryption scheme used, which is secured several times over many layers. The connection is routed through a network of nodes that act as encrypting proxy servers. The most popular client for accessing the Tor network is the Tor Browser (an advanced variant of Mozilla Firefox) provided by the Tor developers themselves.

Hornet

Developed by researchers at ETH Zurich and the University College of London, “High-speed Onion Routing at the Network Layer” operates in a similar way to Tor – user data is reliably encrypted, making it impossible or extremely difficult to track.

I2P

Another alternative to Tor is the “Invisible Internet Project.” It differs from Tor in the sense that it does not use anonymous proxy servers; instead, everything on the network takes place decentrally and without servers. This enables full end-to-end encryption.

Who uses the darknet?

The anonymity of the darknet is highly valued by two groups in particular. The first comprises people who need the technology’s protection for their communications because they fear censorship and prosecution in their own countries. This group includes the politically repressed as well as dissidents, members of the opposition from autocratically run countries, journalists, and whistleblowers. On the darknet, they can also access content not available to them on the visible web due to political restrictions. Furthermore, the cloak of anonymity on the darknet helps journalists protect their sources.

The second group consists of cybercriminals and fraudsters. They use the advantages of the darknet to conduct illegal business under the guise of anonymity. Malware, drugs, weapons, and criminal services, for instance, are some of the things traded on darknet marketplaces. Despite the ambitious protective measures taken by operators, law enforcement agencies have repeatedly succeeded in exposing criminal portals on the darknet. Most recently, DarkMarket, the world’s largest illegal marketplace on the darknet, was taken offline by German investigators with international support. Around 500,000 users are purported to have made transactions worth more than a total of €140 million on the portal.

What you need to know about the darknet

The darknet is a separate area of the internet that can only be accessed via special clients. The technologies used here ensure that requests are encrypted and anonymized. The users and operators of services on the darknet cannot be easily identified. The underlying technologies were developed primarily to enable highly vulnerable individuals to communicate and use online services securely and without censorship. These include individuals who are politically persecuted, residents of totalitarian states, journalists, and whistleblowers. However, the technologies are also misused by cybercriminals for illegal activities.

Want to learn more about our solutions, use cases and best practices for attack defense? In our download area you will find product sheets, fact sheets, white papers and case studies.

Go to download section

Responsible Disclosure Legal notice Privacy policy Privacy Settings Terms and Conditions