Fact or Fiction? Four Myths About the Deep and Dark Web, Debunked

Rumors about the deep and dark web abound, but which of them are true, which are malarkey, and which are a bit of both? Debunking rumors helps to demystify the deep and dark web, illicit communities, and the threat actors who operate within them. Below, we explore four of the most common myths about the deep and dark web (DDW).

Myth #1: The dark web and the deep web are the same thing.

Reality: While the dark web and deep web are both unsearchable using regular search engines like Google, they actually refer to two separate sections of the internet.

The terms dark web and deep web are often, and improperly, used interchangeably. So what is the difference between the deep and dark web?

The deep web is an encompassing term that refers to content published on the internet that is not indexed, and therefore, not searchable with regular search engines. This includes password protected content, corporate databases, academic research stored on university servers, and closed chat groups.

This also applies to dark web content. However, the dark web exists on a separate network and has the added protection of only being accessible via anonymized web browsers like the Tor browser.

Myth #2: Dark websites make up the majority of the internet.

Reality: The dark web actually makes up only a fraction of the internet.

Rumors of the dark web’s size are highly exaggerated. Occasionally, the statistic that the dark web makes up 96% of the internet is thrown around. This is false. According to research, the dark web comprises fewer than 60,000 domains while the open web comprises over 300 million.

ICANN, which coordinates the allocation of domains around the world, has set aside domain space for various organizations, causing many open web domains to remain unclaimed. However, the dark web—meaning hidden content requiring specific software to view, like a Tor browser—is a minuscule part of the internet equation.

In fact, the majority of internet content exists on the deep web, which is password protected and not indexed by search engines.

Myth #3: All activity on the deep and dark web is illegal.

Reality: While some internet-based criminals use services on the dark web, the vast majority of cybercrime and other illicit activity, takes place either on the open web or on the deep web.

Specifically, evidence of illicit activity is found on surface websites (blogs and common websites), social media platforms (Parler, Rumble, Facebook, e.g.), encrypted chat applications (Telegram, Discord, WhatsApp, e.g.), social news sites (Reddit, e.g.) and message boards (4Chan, 8Chan, e.g.). These are all places where cybercriminals and threat actors alike can congregate and find one another.

Myth #4: The deep and dark web is full of criminals conducting illegal transactions.

Reality: Ultimately, encrypted, secure, and anonymous online services are tools in the hands of the people that use them. Whether they are used for illicit or benevolent purposes largely depends on the user.

The deep and dark web has a reputation for being the Wild West of the internet—full of unsavory individuals and illicit activities you cannot mention at the holiday dinner table with grandma present. However, there are many innocuous, even philanthropic uses for Tor networks and other encrypted internet services such as I2P.

For population under authoritarian regimes, encrypted internet services help dissidents and advocates secure their own anonymity as they conduct democratic and human rights work. Additionally, major newsgathering organization like The Washington Post, social media platforms such as Twitter, and media organizations such as CNN all have their own Tor hidden services. This helps to fulfill their own missions by providing citizens of censorious governments access to information that’s commonly blocked, restricted, or censored by their governments.

Prepare for Ransomware and Cyber Extortion with Flashpoint

Keep track of IOCs associated with groups known to target your industry on the Flashpoint platform. Request a demo or sign up for a free 90-day trial and see firsthand how Flashpoint cybersecurity technology can help your organization access critical information and insights into ransomware actors and their tactics, techniques, and procedures (TTPs).