Cyber Threats 2014: Darknets, Adobe Passwords, Windows XP, Bitcoin

Buying marijuana, cocaine and heroin has never been easier. Neither has finding a contract killer or viewing horrifying pornography. The dark web – the dark underbelly of the internet - is growing and allowing users to surf beneath the ordinary surface web with almost complete anonymity.

The GCHQ and FBI are constantly monitoring deep web pages, looking for terrorist organisations, drugs and arms dealers. Now, companies who are experts in Cyber Security are being asked to help – to track down the criminal gangs, the instigators or home grown extremists and leaders of child porn rings.

Of course, it's not that easy for us to do. The dark web is enormous, and it's not just a matter of inputting a search query into Tor and finding sites first time. Many links are dead, or corrupted. Finding the active sites depends very much on who you know underground, and who has the usable "clean" links and passwords.

There are many hidden forums with anonymous users looking for the right introduction to the deepest sites, or instigating conversations and posting reviews of dealers' products and services.

The dark web community is also rife with paranoia. As in any criminal world, no one is really sure of anyone's real identities. Using a new drug dealer is a risky step, as undercover police are everywhere. References to the "LE" (law enforcers) and their underground monitoring activity is all over the forums and chan links.

As soon as the FBI steps in and take down one site, the chat rooms explode, with everyone desperately scrabbling to beef up their "opsec" and keep themselves anonymous and under the radar. References to "cleaning up your house", "burning down your house" proliferate – basically cleaning all traces of drug activity from your location in case the FBI come calling.

Some "Hidden Wikis" have small lists of searchable deep web sites, helpfully organised into different topics: Marketplace Financial for all the credit card hackers and scammers, the Commercial Marketplace for arms dealers and contract hitmen, Marketplace Drugs which has links to the drugs dealers on Agora or Evolution, and the carefully named "Erotic" containing the more unusual 18+ porn plus links.

Facebook Tor dark web
Facebook has lifted its ban on the anonymous browser Tor by launching its own .onion address. CC

However, to find harder websites peddling more disturbing information such as child pornography or links to human slavery deals means you have to dig deeper. A lot deeper. The FBI and equivalents constantly monitor the deep web 24/7 to find individuals that they know are big fish in the criminal underworld. They use a variety of methods, including using the expertise of external companies.

The ones we know about (and are allowed to talk about) are companies such as BrightPlanet and Hold Security. These are set up to specifically monitor the dark web, and collect data not only from the surface of the internet but also from the millions of deeper websites. BrightPlanet monitors the web on behalf of law enforcement agencies, trawling to find specific illegal activities to create custom intelligence reports and monitor "criminally predicted" individuals and their online activity.

BrightPlanet uses various tools to automate the gathering and analysis of criminal activity being discussed online. They can scan Twitter for threats to specific locations or individuals, or search for keywords and locations– essential as a legal enforcer in the world of underground terrorism and extremism.

However, it's not just law enforcement agencies that are using the dark web. The sort of people, and companies, which roam the dark web on a daily basis include entirely lawful companies. One such company is Cryptdesign.com. Crypt bill themselves as an "anonymous darknet design & build team". After 15 years of working for clients on the surface or "clear" net, Crypt decided to go underground, and start offering design services to the community on the deep web. They are quick to reassure users that "We don't need to know who or where you are, and we will never reveal to anyone the work done or for whom".

More on the deep and dark web

Some dark web users have good intentions. Doctor X is a trained physician that works on harm reduction projects in his day to day life, but answers medical related questions from the drug marketplace as well—all for free. He started in June 2013, and received 600 questions and 5,000 visits after just three months on the now-defunct Silk Road dealer site. In an interview with Joseph Cox of Vice, Doctor X said:

"Drug users need more...They need answers, and that's what I try to provide. People ask me about the real risks and adverse effects, drug combinations [illegal and prescriptive] and the use of drugs in persons suffering from different conditions, such as diabetes or neurological problems."

A hacker that goes by the name of "Intangir" became a champion for the dark web last March when he hacked into the Hidden Wiki, and deleted all of the links to child pornography. He tweeted this after doing it:

"In 1 move, I did more to limit CP access than all the Twitter pedo hunters of the last 3 years. What have you done today?"

Tim Holman is CEO of 2-Sec, one of Britain's most renowned dark web specialists. You can find out more by visiting the 2-Sec website.